Mark Crispin <[EMAIL PROTECTED]> writes:
> On Mon, 9 Sep 2002, Max Okumoto wrote:
> > I am in the process of migrating users away from plain text passwds
> > over un-encyprted channels. Is there a way to syslog the names of
> > users that used plain text passwds for imapd and ipop3d?
>
> You'll need to modify the software. The exact modifications that you need
> would depend upon your migration strategy/policy. Specifically, you need
> to define what it is that you intend to disable.
>
> Do you intend to disable all use of plaintext passwords, even over
> encrypted channels? Or do you intend to continue allowing plaintext
> passwords if the channel is encrypted.
>
> Do you intend to disable all use of non-encrypted channels? Or do you
> intend to continue to allow non-encrypted channels if the password is not
> plaintext.
Our current goal is to migrate everyone to imapd/ipop3d over ssl. We
are going to let them use plaintext passwds inside of the ssl tunnel.
The final goal is to only support imapd over ssl. [If we could only
make the exchange server go away, but that another story]
I would like to syslog any user who uses plain text passwd to ether
daemon. (log output only if the user name is in passwd file)
What I need it the name of the file to modify, and the functions I
need to touch.
Max Okumoto
