Subject: Re: Sendmail SASL authentication
To: Martin Husemann <>
From: Wolfgang Rupprecht <>
List: current-users
Date: 04/28/2002 08:17:57
> On the other hand SASL (both with sendmail and postfix) requires the cyrus
> sasl library and is not compiled in with our in-tree version.
> This is a pretty disapointing state of affairs. Hell, even outlook express
> can do this with a simple mouse click!

I wonder if outhouse express has the same security bug in its
SASL/AUTH where it will reveal the username/password to any MTA that
asks "what is your password?"

If possible I would definitely use a throw-away password and username
for SASL, assuming that it will get exposed in the normal course of
using it.

Wolfgang Rupprecht    <>
Coming soon: GPS mapping tools for Open Systems.