stalwartlabs / mail-server

Secure & Modern All-in-One Mail Server (IMAP, JMAP, POP3, SMTP)
https://stalw.art
5.35k stars 224 forks source link

SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports #27

Open Neustradamus opened 1 year ago

Neustradamus commented 1 year ago

Which feature or improvement would you like to request?

Dear @stalwartlabs team,

Can you add supports of :

You can add too:

A "big" list has been done in last link of this ticket.


SCRAM-SHA-1(-PLUS):

SCRAM-SHA-256(-PLUS):

SCRAM-SHA-512(-PLUS):

SCRAM-SHA3-512(-PLUS):

SCRAM BIS: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

-PLUS variants:

IMAP:

LDAP:

HTTP:

JMAP:

2FA:

IANA:

Linked to:

Is your feature request related to a problem?

No response

Code of Conduct

Neustradamus commented 11 months ago

@stappersg: I have done a ticket to the @stalwartlabs dev team to add the support of the best security and to be compatible with the World. It is important to inform people... SCRAM exists since 2011 and replace several old unsecure password hashes. It is not an aggression.

For example, you can see it is needed, it has been, officially, added by default in:

mdecimus commented 11 months ago

Hi @Neustradamus -- please disregard this person's comment. They have been banned from this repository for violating the code of conduct multiple times. Support for SCRAM is in the roadmap and should be implemented during the first months of 2024.

Neustradamus commented 11 months ago

@mdecimus: Thanks for your answer, good news, can not wait the moment ^^

I have not done the ticket in all repositories:

I will add the ticket to add Channel Binding (linked to SCRAM-SHA-*-PLUS variants) and another one to move old unsecure hashes to history.

mdecimus commented 11 months ago

I have not done the ticket in all repositories

Not necessary, once it is implemented here it will propagate to all other repositories.

Neustradamus commented 11 months ago

Yes, it was the original goal :)