1

Topic: Plain Text authentication

==== Provide basic information to help troubleshoot ====
- iRedMail version: 7.3
- Linux/BSD distribution name and version: Centos 6.0
- Any related log? Log is helpful for troubleshooting.
====

I wanted to disable Plain text authentication. if i do so will it create problem for SQl and user login.????? do i need to modify any settings ..?????? please advise.

I believe plain text auth will create security issues.

Regards
Hariesh

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Plain Text authentication

Sorry, what does your "plain text authentication" mean?

3

Re: Plain Text authentication

HI,

i am  sorry. in dovecot.conf file there is an line which says.
disable_plaintext_auth = no.

Can i disable this..? will it affect anything else..? please advise.

Regards
Hariesh

4

Re: Plain Text authentication

"disable_plaintext_auth=yes" allows plaintext authentication only when SSL/TLS is used first.
if you have SSL/TLS enabled (it's enabled in iRedMail by default), you can set "disable_plaintext_auth=yes". Make sure your mail clients work well with this setting, test it first.

Reference:
- http://wiki.dovecot.org/SSL/DovecotConfiguration (Search "disable_plaintext_auth")
- http://wiki.dovecot.org/Authentication/Mechanisms