RE: how to use cyradm with imaps ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanx for all your answers, but this is not my original question :-)
" In fact, I don't use and don't want to use TLS, but IMAP over SSL."
	I don't want ANYTHING running on port 143.
	I don't want imap daemon running on my server, only imaps.
	I still want to be able to use cyradm, and use it through imaps 993.

Is it possible ?

Thanx,
Seb

-----Message d'origine-----
De : Jorey Bump [mailto:list@xxxxxxxxxxxxx] 
Envoyé : lundi 14 avril 2008 20:43
À : Andrew Morgan
Cc : Sébastien Rozier; info-cyrus@xxxxxxxxxxxxxxxxxxxx
Objet : Re: how to use cyradm with imaps ?

Andrew Morgan wrote, at 04/14/2008 12:44 PM:

> Isn't there a way to have Cyrus listen on the regular IMAP port (143) 
> but require a secure connection to login?  Some trick with 
> allowplaintext and/or sasl_minimum_layer?

Yes. For example:

   sasl_pwcheck_method: auxprop
   sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
   allowplaintext: no
   sasl_minimum_layer: 128

To connect with cyradm using TLS:

   cyradm localhost -tls

> Who cares if you listen on 143 as long as people aren't sending 
> passwords in the clear.  TLS is as good as SSL.

Agreed. Furthermore, it stops a lot of brute force password cracking 
attempts dead in their tracks, since most don't attempt to use encrypted 
connections (they're looking for low hanging fruit, I guess).


----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux