Filter
Top Products
Chapter 3 Mail Service Advanced Conguration 65
Enabling multiple methods allows a client to use any of the enabled methods. If you
want to require any of these authentication methods, enable only one method.
To allow secure SMTP authentication:
1 In Server Admin, select a computer in the Servers list, then select Mail.
2 Click Settings.
3 Select the Advanced tab.
4 Select Security.
5 Click the CRAM-MD5 or Kerberos checkbox in the SMTP section.
6 Click Save.
To allow less secure authentication:
1 In Server Admin, select a computer in the Servers list, then select Mail.
2 Click Settings.
3 Select the Advanced tab.
4 Select Security.
5 In the SMTP section, click the Plain or Login checkbox.
6 Click Save.
If you use the Server Setup Assistant and make your server and Open Directory Master,
Kerberos and CRAM-MD5 are enabled automatically. If you want to force only one of
these methods to be used for authentication, deselect the one you do not want used.
IMAP and POP Authentication
Your IMAP/POP Mail service (Dovecot) can protect user passwords by requiring that
connections use a require secure authentication using Kerberos, CRAM-MD5 (for
IMAP), or APOP (for POP) or less secure authentication methods using plain text or
login. When a user connects with secure authentication, the user’s mail client software
encrypts the user’s password before sending it to your IMAP service.
Plain authentication sends mail passwords as plain text over the network. Login
authentication sends a minimally secure crypt hash of the password over the network.
You might allow these less secure authentication methods, which don’t encrypt
passwords, if some users have mail client software that doesn’t support the secure
methods.
Make sure your users’ mail applications and user accounts support the method of
authentication you choose. If you congure Mail service to require CRAM-MD5, you must
set mail accounts to use a Mac OS X Server Password Server that has CRAM-MD5 enabled.