What exactly is APOP?
Is it supported by outlook and Netscape (ie typical clients)?
At qmail.org, I found :
http://www.geocities.co.jp/SiliconValley/4777/qmail/checkpw/index.html
This program seems to put the qmail password into the user's directory
for both POP and APOP.
Is the idea to allow Qmail to authenticate using a 'dummy' password,
only good for checkpwd/checkapoppwd?
This appears to be a nice solution, because then the actual password of
the user would never be transmitted.
So,
How secure is this, have others been using it?
Please forgive my ignorance, I don't spend much time with qmail admin
because it works so well I don't have to. Yet I have always been
bothered by sending users passwords over the net, even though those
users are not allowed a shell i.e. /bin/false.
Thanks,
Joe Junkin
[EMAIL PROTECTED]
http://www.datacrawler.com
