Plaintext only for loopback?
Chris Pepper
pepper at reppep.com
Sun Jan 13 01:59:48 EST 2008
Hello,
I want to allow plaintext auth only for SquirrelMail (running on the
Cyrus IMAPd server), and require encrypted authentication over all
physical network connections. I see several options governing plaintext
auth in the documentation for imap.conf:
> allowplaintext: 1
> Allow the use of cleartext passwords on the wire.
> plaintextloginpause: 0
> Number of seconds to pause after a successful plaintext login. For systems that support strong authentication, this permits users to perceive a cost of using plaintext passwords. (This does not affect the use of PLAIN in SASL authentications.)
> plaintextloginalert: <none>
> Message to send to client after a successful plaintext login.
In addition, my Invoca 2.3.7 RPM includes:
> allowplainwithouttls: 0
> Allow plain login mechanism without an encrypted connection.
So I'm left wondering: a) if there is a way to do this that I'm not
getting (perhaps "on the wire" is more subtle than my simplistic
reading), and b) if not, what's the best way to request/suggest this as
an enhancement. Should I just open a bug in Bugzilla, or is there a
better way?
Thanks,
Chris Pepper
--
Chris Pepper: <http://www.reppep.com/~pepper/>
<http://www.extrapepperoni.com/>
The Rockefeller University: <http://www.rockefeller.edu/>