> For the truly paranoid, it's trivial to run separate databases per user.
> Just set up a database per user, use LDAP for central authentication,
> and use some proxy like Perdition or nginx to connect to the right
> database. You'll have to add user-based transports in SMTP, but once you
> do that, you're all set. Of course, scalability sucks in such a setup.
> But what the heck.

This is not being paranoid. There are thousands of successful attacks
every day, so the event for a successful attack on a dbmail server (at
least at OS level) is very likely.

DBmail runs very large setups. Putting all security into dbmail and not
in the database is just attracting bees with honey. Furthermore, don't
expect admins to set up a complex proxy with 10.000 users and accounts,
when the database is broken by design. This is the job of the
developers, especially those announcing that dbmail is VERY secure, to
offer bullet-proof security, even in case of malicious attack using a
rootkit.

Kind regards,
Kellogs

_______________________________________________
Dbmail-dev mailing list
Dbmail-dev@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
