Eric DV wrote:
> Dear Squirrelmail experts,
> I have a small home server debian based, with postfix/dovecot/squirrelmail
> installed locally and working. Dovecot is used non-secured (no imaps) but
> only on the 192.168.0.100 address (address of the server on the local
> network). I want to use squirrelmail to read my email from outside.
> Squirrelmail can configured to access it in particular, either through
> cram-md5 or login auths.
> In that situation, is it better (I mean more secure) to use : 1) auth
> mechanim = cram-md5 or 2) auth mechanism = plain (using PAM authentication
> for dovecot) ? That will determine dovecot configuration.
> Thank you
>
> Eric
Since this is your home server, you have access to the Apache config files:
see /etc/httpd/conf.d/squirellmail.conf
Add this section to it: (or better yet, create a new conf file in that
directory... I use dnr.conf to add all my own config changes.)
This ensures that access to squirrelmail is via https, so then even if
your userid/password is "plain text", it's encryptedand highly unlikely
to be intercepted.
# DNR 22 Oct 2006 - Force ssl for mail (password protection)
# (Note RewriteCond =off is a php regex, do not put spaces in
<Location ~ /webmail>
RewriteEngine on
RewriteCond %{HTTPS} =off
RewriteRule .* https://%{SERVER_NAME}/webmail/ [R,L]
</Location>
restart Apache (httpd)
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
--
squirrelmail-users mailing list
Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines
List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
