Thus said Rahsheen Porter on Sun, 28 Jan 2001 23:27:14 EST:
> I'm extremely happy with qmail and the other software available from
> DJB, but I've yet to hear anything about an IMAP server that takes
> security into consideration. I'm running Courier-IMAP right now, but I
> haven't actually opened the port to the world yet because I'm not
> confident in it's security (since I can't seem to find any docs on it
> that mention the word).
Why would you be more confident in an IMAP daemon from DJB? (No offense
DJB). Why are you not confident in it's security? While courier-imap
isn't coded in the same style that DJB uses, I do believe that it has
been built with security in mind. Having said that, I cannot say for
certain that it *is* indeed secure merely because I have not seen a
security audit on the code, but I do believe for the most part it is
secure. For more on it's security I believe there is a document called
SECURITY in the code tree somewhere which discusses it's approach to
security---you might have a look at that.
Andy
--
[-----------[system uptime]--------------------------------------------]
11:26pm up 88 days, 1:46, 5 users, load average: 1.04, 1.09, 1.08
