> Though I would be confident that with custom code, you could > *eventually* get saslauthd and/or pam to talk to a SQL Server DB using > IMail's DDL, I don't know of anyone doing that now.
Why would you use IMail's DLL from another box running something like QMail, sendmail, etc. if you could just use native ODBC access or JDBC to access either the actual SQL server or, if performance required, a local replicated copy to MySQL? > > (it'd probably be more secure than IMail anyway :) > > I don't quite get this. If you're pushing the DB in the clear, even if > you expect the gateway to hash it after it's processed (using > saslpasswd or similar), anyone who compromises the box would be able > to intercept the plain-text upload. Or are you suggesting hashing the > passwords with the gateway's algorithm before uploading them? This is > reasonable, but hey, you can encrypt passwords with IMail, too, if you > want. Who said anything about pushing passwords in clear-text? Why would anyone do that? :) Options: 1) Gateway connects to external SQL over secure LAN or tunnelled SSH / SSL traffic. 2) SQL DB is securely replicated to gateway (again secure) 3) IMail DB export ships a pre-hashed or encrypted file to gateway via SSH/SCP. Simply by allowing secure auth at the gateway (instead of your internal mail server) provides a few benefits. Linux default pw hashes are more secure than IMail's default pw cipher (it's not really encrypted, right?). Lockouts at the gateway won't necessarily disable an internal user's access to the email system. DoS or brute force attacks will be isolated at the gateway, never hitting the internal server. It's been my experience that I'd have better luck attacking admin level access to NT than root to a linux box. No matter... different alternatives on either side. So what's this you speak of improving IMail's pw handling? I think I saw someone trying to do this, but they had troubles, what's the correct way to do it? -ives To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
