[POLL] Defaulting allowplaintext to disabled
Martin Konold
martin.konold at erfrakon.de
Wed Mar 28 04:49:59 EST 2007
On Tuesday 27 March 2007, Ken Murchison wrote:
Hi Ken,
> control both the protocol-specific plaintext login commands (IMAP,
> LOGIN, POP3 USER/PASS, NNTP AUTHINFO USER/PASS), and the plaintext SASL
> mechanisms (PLAIN, LOGIN).
Yes, this is a good idea.
> Since sending passwords in the clear sucks, and I would like to think
> that most reasonable admins disable this option anyways, would anyone
> have a major gripe if we change the allowplaintext option to default to
> disabled in the 2.3.9 release?
I think this is absolutely sane and actually what today's administrators expect.
> Obviously, we will document this change
> prominently in the release notes.
>
> https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2922
What about adding an option to limit the plaintext login commands to
IPs/IP-Range? For all useful purposes I can imagine this would be really
helpful.
Regards,
-- martin konold
--
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Sitz: Stuttgart - Partnerschaftsregister Stuttgart PR 126
http://www.erfrakon.com/