postfix to cyrus-imap via lmtp?

[John Madden]

> No matter how I look at it, in order to do SMTP AUTH with encrypted
> passwords in the user database I still need the above mentioned patch
> for cyrus-sasl. Also means I still have to built everything from
> sources, including postfix.

Then the problem is really that debian's postfix packages don't include
postfix's SMTP AUTH/sasl patch, right?  I've done a lot of postfix builds
in the past and they're really nothing to be afraid of.  Even on the
machines where I run debian, I still build postfix from source to gain
access to things like LDAP and the latest versions.

> Is there a way to have uw-imapd log user passwords in the clear? With
> that I could collect all my users passwords and store them clear text in
> the database. Everywhere it says that this is not a good idea. But why?
> As system administrator I have access to everyones 'secret' emails
> anyways. Whether or not the passwords are clear text should be
> irrelevant.

What if a user gains access to your database?  Furthermore, what would be
the point of having them stored in plain text?  Might as well encrypt them
then.

John




-- 
John Madden
UNIX Systems Engineer
Ivy Tech State College
jmadden at ivytech.edu


---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html