Question New password hashing option for email accounts

[Tobias Sorensson]

i had a issue with thunderbird that the users who use it when changing to the new encryption could not connect they just get invalid password even tho they set the correct password.
i tried to remove DIGEST-MD5 CRAM-MD5 from the /etc/postfix/sasl/smtpd.conf file but still the same issue..

had to restore the db from backup that i made of the psa db.

this is unaccepteble that this issue arises when a new security feature arives. or atleast give notice about this and a possible fix. most of my clients use thunderbird and some use outlook.

these things needs to be tested and i feel like this new feature was intreduced way too early.
Do Plesk even have a QA anymore? dont feel like it not since they intreduced there AI Elvis Pleskly.

this needs more bake time and i feel like this is just to check some boxes to make some Security boxes tick.

 

[ChristophRo]

i had a issue with thunderbird that the users who use it when changing to the new encryption could not connect they just get invalid password even tho they set the correct password.
i tried to remove DIGEST-MD5 CRAM-MD5 from the /etc/postfix/sasl/smtpd.conf file but still the same issue..

It does not matter if you remove DIGEST-MD5 or CRAM-MD5 in retrospect, as some mail clients (Thunderbird is among them) do "detect" these server capabilities only when you setup an account.
If the server does advertise MD5, Thunderbird will automatically use the encrypted password option until you manually change it to normal/unencrypted in the account settings

At least Thunderbird does allow you to change this option on the fly.

Outlook on the other hand, does also auto detect on setup, but has no option to manually change it later on.
So you re forced to delete and re-setup the account in Outlook to get it working again.