[Vmail-discuss] Re: vmail smtp auth

Jakob Hirsch jh at plonk.de
Fri, 25 Jul 2003 02:02:25 +0200

Donovan Craig wrote:

> It would be perfect if we were able to:
> successfully authenticate if md5(entered password) = mydbpassword

With PLAIN and LOGIN this is no problem, since the password gets
base64-encoded over the line.
CRAM-MD5 is a challange-response method using MD5 as a one-way hashing
method, so it is not possible to retrieve the password.