On 13.06.2013 00:31, Gary Kuznitz wrote:
I selected "Do not use CRAM-MD5 authentication even if it is advertised" It's now woking.
Then technically, Verizon is having a problem in that they announce an auth mech that actually doesn't work ... (Though that *might* change from one *user* to another.)
Do you know if there is any way to remove the emails with the user name and password from the archives?
Those mails did not only go to the mailinglist's archives, but also to however may subscribers, some of them possibly being just feeds into *other* public archives. Note, however, that your log contained not the actual password but the HMAC-MD5 digest of it and the challenge string; it's the *purpose* of HMACs that one cannot derive the "key" (password) from challenge and digest alone. (And that's also the reason why a server doing HMAC-MD5 needs a *plaintext* copy of the password *itself* to verify the digest.) Regards, J. Bern -- *NEU* - NEC IT-Infrastruktur-Produkte im <http://www.linworks-shop.de/>: Server--Storage--Virtualisierung--Management SW--Passion for Performance Jochen Bern, Systemingenieur --- LINworks GmbH <http://www.LINworks.de/> Postfach 100121, 64201 Darmstadt | Robert-Koch-Str. 9, 64331 Weiterstadt PGP (1024D/4096g) FP = D18B 41B1 16C0 11BA 7F8C DCF7 E1D5 FAF4 444E 1C27 Tel. +49 6151 9067-231, Zentr. -0, Fax -299 - Amtsg. Darmstadt HRB 85202 Unternehmenssitz Weiterstadt, Geschäftsführer Metin Dogan, Oliver Michel