On Thu, Feb 06, 2003 at 01:48:00PM -0800, nate wrote: > > result in plain text authentication, which is not exactly > > secure. > > use IMAPS then.(IMAP over ssl). sslwrap can provide this functionality > to any IMAP server. I personally prefer plain text auth, makes things > simplier, but of course that means using some sort of lower layer encryption > like SSL or VPN to secure the link.
Well, all users directly connecting to the IMAP port will be employees from the local LAN. External access to the mailboxes will be possible only by using a webmail client that runs on an apache-ssl server located in the LAN. Thus, no data is intended to go outside in unencrypted form. This allows me to go the simple way; it would just be nicer to have a bit more security. > > Does SASL use LDAP? > > Openldap can use sasl(not required, I build my openldap debs w/o > sasl), but it currently uses the "older" sasl, which is different from > the one included with cyrus 2. Alas, why are these things so complicated? One should think that securely authenticating users, as the common standard task that is, should be a very easy game. > > disc. Users will be forced to move their older mail to their folders under > > archives.* by setting quotas accordingly. Thanks to cyrus, this can be set > > up transparently. > > only drawback is cyrus has no quota notification so you need to write > some sort of script if you want to be notified. squirrelmail has a quota > plugin which works with cyrus, it shows a % as well as MB/kb used/avail > on the left frame of the app. Ja --- I already wondered why I didn't get any quota warnings on my testing mailbox, but yesterday evening I found out that cyrus gives them only as responses to IMAP requests. Wheather the user is actually being warned or not, fully depends on the client :/ > I wrote a really ugly script last year In response to a request on the info-cyrus list, someone mailed me a script to check quotas :) I'll see what it does soon. GH -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]