Hi list, I'm a user of SASL2 because it is needed for smtpd authentication my Postfix. Recently I switched SASL from the local Berekely DB to a mySQL database. However, I was quite surprised to see that the only way to have this setup running (SASL + mySQL) is to have unencrypted passwords in the database. Is this really correct or am I missing something? Ideally I'd like to have PBKDF2 in the database or at least something of similar security. I realized there's the mysql-pam plugin that I could somehow configure with SASL, but it is ancient (2006) and uses extremely crappy crypto as well (MD5 really isn't what you want to store passwords in). I'm also well aware that this limits Postfix to PLAIN authentication. This is perfectly fine as I'm exclusively using smtps (i.e. TLS) and therefore is not a problem. Having plain text passwords in a database is. Appreciate any help, Thanks in advance, Best regards, Johannes
