3a0$[EMAIL PROTECTED]> <001701c05e4d$fe63a5d0$0100a8c1@jeremy>
Content-Type: text/plain; charset=us-ascii; x-mac-type="54455854"; x-mac-creator
="4D4F5353"
Content-Transfer-Encoding: 7bit
Jeremy Howard wrote:
> Scot W. Hetzel wrote:
> > From: "Michael Fair" <[EMAIL PROTECTED]>
> > > 4) Microsoft Outlook Express' "Secure Password
> > > Authentication" doesn't seem to work with cyrus.
> > > It complains about CRAM-MD5 failing and thinks
> > > the server doesn't support any authentication
> > > that my Windows 98 machine has on it.
> > > Anyone got any ideas on this one?
> > >
> > Oulook Express only supports the LOGIN mechanism, so you need to compile
> > SASL with '--enable-login'.
> >
> What is the LOGIN mechanism? Are passwords still sent plaintext? Is this
> what OE calls 'Secure Password Authentication'?
I unfortunately don't understand the LOGIN mechanism ( or any
other mechanism for that matter ) myself.
I assume that it is different from the LOGIN command that
IMAP allows. I know that it only works when SSL is enabled
so I assume that it is as bad as sending the password plaintext.
I believe that OE uses some encryption method (in this case
CRAM-MD5) and then uses the LOGIN command (as opposed
to the AUTH command) to authenticate the end user.
This is all made up gibberish implied from my limited understanding
of what these protocols are acutally doing. I'm hoping someone
more educated about this than I am can clear up the confusion.
> I remember seeing something on the list about OE sending an extra space in
> one of it's authentication commands--did this get fixed?
I have no idea...
> Sorry for all the questions ;-)
I want the answers too :)
-- Michael --
