Re: Email login options
On 01/12/2006 09:49:50 AM, Tony Heal wrote:
What I am looking for are solutions/best practices for SMTP
authentication
so local and remote users can use our SMTP server, and pop
authentication
without depending on the Windows domain. Does anyone have any
suggestions
that does not require sending passwords over clear text and allows for
easy
to manage passwords without having to log into the mail server to
change a
users password.
Obviously, you need a separate password store. LDAP works
very well and was pretty much designed for this.
To allow users to change their password you either
run a webserver and write a php script (or whatever) or
you use the big ldap management tools, which must have
this feature built in even though I've not looked
at them to check. Unfortunatly,
I'm having a brain fart and can't recall their names.
RedHat bought one from Netscape and open-sourced it and
Novell recently-ish open sourced another.
Then, you require users to authenticate with TLS to do
anything. That'd be pop3s, imaps, and smtps.
It'll require messing with their clients.
Do not give your users unix accounts.
I'd recommend postfix as the MTA, easy to config and to
secure. You might look into cyrus for the mail store.
I know this will scale into the thousands of users, and probably
much higher than that.
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
Reply to: