Re: securing pop3

To: Kristof Goossens <kristof@xssass.be>
Cc: debian-security@lists.debian.org
Subject: Re: securing pop3
From: tps@unslept.com
Date: Sat, 8 Feb 2003 09:42:59 -0500
Message-id: <[🔎] 20030208144259.GA14982@major.pita.org>
In-reply-to: <[🔎] 20030208142333.GA24999@flexo.xssass.be>
References: <[🔎] 20030208142333.GA24999@flexo.xssass.be>

On Sat, Feb 08, 2003 at 03:23:33PM +0100, Kristof Goossens wrote:
> Hello all,
> 
> I need to make a pop3 account on my server. I intend to work with ipop3d to
> provide secure pop3 service. Now I want to provide this service for only
> few people, and I don't want them to have an account on the system. Well, they
> can have a pop3 account, but no other access whatsoever...
> 
> I don 't like the idea of giving them an account and setting their shell to
> /bin/false. So my question is: "Is it possible to create a pop3 account without
> needing to modify the /etc/passwd file?"

Use Perdition, the pop/imap proxy. They should only know the machine that
is running the proxy, and you can point it to whatever server you want, 
and they shouldn't know about it. Or, you can use one of the 'sealed servers'
like Cyrus

Tim


-- 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>> Tim Sailer (at home)             ><  Coastal Internet, Inc.          <<
>> Network and Systems Operations   ><  PO Box 671                      <<
>> http://www.buoy.com              ><  Ridge, NY 11961                 <<
>> tps@unslept.com/tps@buoy.com     ><  (631)924-3728  (888) 924-3728   <<
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Reply to:

References:
- securing pop3
  - From: Kristof Goossens <kristof@xssass.be>

Prev by Date: securing pop3
Next by Date: Re: securing pop3
Previous by thread: securing pop3
Next by thread: Re: securing pop3
Index(es):
- Date
- Thread