> As far as I understand, both should authenticate against users in > /etc/sasldb2 and provide the same mechanisms. > > I'm asking becaus on my Debian Etch 4.0r4a (stable) variant 1 works, but > variant 2 doesn't and I dont know why. But I want to offer CRAM-MD5 and > DIGEST-MD5 too and this is AFAIK only possible with variant 2. > saslauthd receive password as cleartext to be compatible with many lookup types (pam, ldap, mysql). You must use TLS/SSL to improve security. -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net
