Re: Success 2.0.7, SSL, and SASL!

Wed, 13 Dec 2000 19:41:36 -0800 

Are there any docs on the specifics?

Adding support for this to Cyrus and
SASL would be very cool.

-- Michael --

----- Original Message -----
From: "Joe Rhett" <[EMAIL PROTECTED]>
To: "Michael Fair" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, December 13, 2000 1:46 PM
Subject: Re: Success 2.0.7, SSL, and SASL!


> Michael, "Secure Password Authentication" is a not-so-secure
> Microsoft-Domain-specific form of authentication. It basically means
> "send this mail server your current authentication token ..."
>
> In short, it don't work with Unix servers at all, especially Cyrus.
>
> You can disable this, and enable using SSL and everything will be
encrypted
> just fine.
>
> On Mon, Dec 04, 2000 at 11:28:42AM -0800, Michael Fair wrote:
> > > From: "Michael Fair" <[EMAIL PROTECTED]>
> > > > 4) Microsoft Outlook Express' "Secure Password
> > > > Authentication" doesn't seem to work with cyrus.
> > > > It complains about CRAM-MD5 failing and thinks
> > > > the server doesn't support any authentication
> > > > that my Windows 98 machine has on it.
> > > > Anyone got any ideas on this one?
> > > >
> > > Oulook Express only supports the LOGIN mechanism, so you need to
compile
> > > SASL with '--enable-login'.
> > >
> >
> > I did this after watching the unencrypted network
> > traffic and seeing the word LOGIN from the Microsoft
> > Client before I posted to the group.
> > I probably should have mentioned that before.
> > Enabling LOGIN with SASL seems to have made no
> > difference to the Outlook Express 5.5 client.
> > Here are my imtest results which show that SASL
> > is working just fine.
> > imtest -u test -a test -m LOGIN localhost works.
> > imtest -u test -a test -m PLAIN localhost does not work.
> > imtest -u test -a test -t "" -m PLAIN localhost works.
> > imtest -u test -a test -m CRAM-MD5 localhost works.
> > imtest -u test -a test -m DIGEST-MD5 localhost works.
> >
> > Any other ideas?
> >
> > -- Michael --
>
> --
> Joe Rhett                                         Chief Technology Officer
> [EMAIL PROTECTED]                                      ISite Services, Inc.
>
> PGP keys and contact information:          http://www.noc.isite.net/Staff/
>

Reply via email to