On 2-mei-2007, at 13:23, Eric DV wrote: > > Dear Squirrelmail experts, > I have a small home server debian based, with postfix/dovecot/ > squirrelmail > installed locally and working. Dovecot is used non-secured (no > imaps) but > only on the 192.168.0.100 address (address of the server on the local > network). I want to use squirrelmail to read my email from outside. > Squirrelmail can configured to access it in particular, either through > cram-md5 or login auths. > In that situation, is it better (I mean more secure) to use : 1) auth > mechanim = cram-md5 or 2) auth mechanism = plain (using PAM > authentication > for dovecot) ? That will determine dovecot configuration. If you only allow connections from localhost or your lan address, I don't see why you couldn't stick with plain auth especially since it's your home lan and you can trust all the users on it. Cram-md5 however would allow you to open the server to the outside wan, if combined with some auth access to the postix also (I use cram- md5 / digest-md5 for both with the same sasldb). Then you can use for example your laptop somewhere else and use your regular mail client. Personally I'd prefer the latter. Another option would be using vpn and plain auth, but that's to much OT I guess. HTH Peter ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
