mirror of
https://github.com/mjl-/mox.git
synced 2025-07-10 09:14:39 +03:00
implement the plus variants of scram, to bind the authentication exchange to the tls connection
to get the security benefits (detecting mitm attempts), explicitly configure clients to use a scram plus variant, e.g. scram-sha-256-plus. unfortunately, not many clients support it yet. imapserver scram plus support seems to work with the latest imtest (imap test client) from cyrus-sasl. no success yet with mutt (with gsasl) though.
This commit is contained in:
@ -501,8 +501,10 @@ describe-static" and "mox config describe-domains":
|
||||
Username:
|
||||
Password:
|
||||
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256, SCRAM-SHA-1,
|
||||
# CRAM-MD5. Not included by default: PLAIN. (optional)
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256-PLUS,
|
||||
# SCRAM-SHA-256, SCRAM-SHA-1-PLUS, SCRAM-SHA-1, CRAM-MD5. Not included by default:
|
||||
# PLAIN. Specify the strongest mechanism known to be implemented by the server to
|
||||
# prevent mechanism downgrade attacks. (optional)
|
||||
Mechanisms:
|
||||
-
|
||||
|
||||
@ -532,8 +534,10 @@ describe-static" and "mox config describe-domains":
|
||||
Username:
|
||||
Password:
|
||||
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256, SCRAM-SHA-1,
|
||||
# CRAM-MD5. Not included by default: PLAIN. (optional)
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256-PLUS,
|
||||
# SCRAM-SHA-256, SCRAM-SHA-1-PLUS, SCRAM-SHA-1, CRAM-MD5. Not included by default:
|
||||
# PLAIN. Specify the strongest mechanism known to be implemented by the server to
|
||||
# prevent mechanism downgrade attacks. (optional)
|
||||
Mechanisms:
|
||||
-
|
||||
|
||||
@ -563,8 +567,10 @@ describe-static" and "mox config describe-domains":
|
||||
Username:
|
||||
Password:
|
||||
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256, SCRAM-SHA-1,
|
||||
# CRAM-MD5. Not included by default: PLAIN. (optional)
|
||||
# Allowed authentication mechanisms. Defaults to SCRAM-SHA-256-PLUS,
|
||||
# SCRAM-SHA-256, SCRAM-SHA-1-PLUS, SCRAM-SHA-1, CRAM-MD5. Not included by default:
|
||||
# PLAIN. Specify the strongest mechanism known to be implemented by the server to
|
||||
# prevent mechanism downgrade attacks. (optional)
|
||||
Mechanisms:
|
||||
-
|
||||
|
||||
|
Reference in New Issue
Block a user