1 Topic by drsys

  • drsys
  • Member
  • Offline
  • From: Greece
  • Registered: 2009-12-26
  • Posts: 15

Topic: Encrypted passwords in dovecot

is there a way to config dovecot to accept encrypted passwords instead of plain authentication ?
Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Encrypted passwords in dovecot

No. Client always send plain password.

3 Reply by okoetter

  • okoetter
  • Member
  • Offline
  • Registered: 2012-04-17
  • Posts: 18

Re: Encrypted passwords in dovecot

I changed "disable_plaintext_auth = no" to "disable_plaintext_auth = yes" in /etc/dovecot/dovecot.conf.
This way STARTTLS or TLS is mandatory. I think this setting should be default. What do you think?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Encrypted passwords in dovecot

okoetter wrote:

I changed "disable_plaintext_auth = no" to "disable_plaintext_auth = yes" in /etc/dovecot/dovecot.conf.
This way STARTTLS or TLS is mandatory. I think this setting should be default. What do you think?

Good idea. Committed to the code repository moment ago:
https://bitbucket.org/zhb/iredmail/chan … 07d214998b