Re: Building an IMAP server
On Thu, Feb 06, 2003 at 01:48:00PM -0800, nate wrote:
> > result in plain text authentication, which is not exactly
> > secure.
>
> use IMAPS then.(IMAP over ssl). sslwrap can provide this functionality
> to any IMAP server. I personally prefer plain text auth, makes things
> simplier, but of course that means using some sort of lower layer encryption
> like SSL or VPN to secure the link.
Well, all users directly connecting to the IMAP port will be employees
from the local LAN. External access to the mailboxes will be possible
only by using a webmail client that runs on an apache-ssl server
located in the LAN. Thus, no data is intended to go outside in
unencrypted form.
This allows me to go the simple way; it would just be nicer to have a
bit more security.
> > Does SASL use LDAP?
>
> Openldap can use sasl(not required, I build my openldap debs w/o
> sasl), but it currently uses the "older" sasl, which is different from
> the one included with cyrus 2.
Alas, why are these things so complicated? One should think that
securely authenticating users, as the common standard task that is,
should be a very easy game.
> > disc. Users will be forced to move their older mail to their folders under
> > archives.* by setting quotas accordingly. Thanks to cyrus, this can be set
> > up transparently.
>
> only drawback is cyrus has no quota notification so you need to write
> some sort of script if you want to be notified. squirrelmail has a quota
> plugin which works with cyrus, it shows a % as well as MB/kb used/avail
> on the left frame of the app.
Ja --- I already wondered why I didn't get any quota warnings on my
testing mailbox, but yesterday evening I found out that cyrus gives
them only as responses to IMAP requests. Wheather the user is actually
being warned or not, fully depends on the client :/
> I wrote a really ugly script last year
In response to a request on the info-cyrus list, someone mailed me a
script to check quotas :) I'll see what it does soon.
GH
Reply to: