Yes, you're right. In the mean time, I did get a useful mail program :P
- I reformatted the attached Mail ;) - Sorry for inconvenience!
"Patrick Ben Koetter" <p...@state-of-mind.de>:
> Seriously, please get a mail programm that sends useful formats.
>
> p...@rick
>
> Mirko Stoffers <users@sogo.nu>:
>> Hi Patrick,
>>
>> hm, I cannot really see the problem with authorization:
>> My SQL database doesn't contain any authorization information
>> at all. Or do you mean that a saslauthdb could contain users
>> for different purposes (say, FTP server access) who are not
>> authorized for SOGo? For the latter I would recommend that
>> the authentication is done by SASL and the authorization by
>> the PostgreSQL table w/o the password field.
>>
>> However, obviously I have to accept that SOGo does not
>> currently support SASL. So I keep my configuration till SOGo
>> comes to support it ;)
>>
>> Thanks
>>
>> Mirko
>>
>> "Patrick Ben Koetter" <p...@state-of-mind.de>:
>>> Mirko Stoffers :
>>>
>>> Hi Patrick, thanks for your reply. Yes, I also thought about that.
However,
>>> I'm not sure whether postgres is really a good source for
authentication. I
>>> think, postgres is more designed as a relational database than a
password
>>> storage, whilst the saslauthdb's only purpose is storing passwords. In
>>> practice, when I insert the entries into the postgres database with
"insert
>>> into ... md5('...') ..." the passwords are shown on the screen in
clear and
>>> saved in the history file. That's why I would prefer using a password
>>> storage (saslauthdb) for passwords. ;) Thanks, Mirko
--
users@sogo.nu
https://inverse.ca/sogo/lists
