> I see no reason not to do this in UW imapd (and make a user very happy), but
> before I do it I'd like to get a sanity check from the community -- is there
> any reason why this might be a bad idea?
In my opinion, it's not a software author's job to tell users what level
of security they _must_ comply with. If the author wishes to suggest
security, cleartext logins could be disabled by default if the connection is
unsecure. However, this configuration should not be mandatory.
If you were looking for comments regarding the safety of a localhost
connection on a multiuser system, in terms of possibility of
compromise/sniffing by other local users: I'm not qualified to say.
--
"I never knew words could be so confusing," Milo said to Tock
as he bent down to scratch the dog's ear.
"Only when you use a lot to say a little," answered Tock.
-- Norton Juster, _The Phantom Tollbooth_
