Plaintext only for loopback?
Bron Gondwana
brong at fastmail.fm
Sun Jan 13 06:30:59 EST 2008
On Sun, Jan 13, 2008 at 01:59:48AM -0500, Chris Pepper wrote:
> Hello,
>
> I want to allow plaintext auth only for SquirrelMail (running on the
> Cyrus IMAPd server), and require encrypted authentication over all
> physical network connections. I see several options governing plaintext
> auth in the documentation for imap.conf:
Run two imapd instances from cyrus.conf, one on a high port that you
firewall from everywhere but the squirrelmail server, and the other
config on the standard port deny plaintext. Then just point
squirrelmail at the high port in its config.
You just need to specify "-C /etc/imapd-sm.conf" or something for the
squirrelmail one. Personally I would generate both from a template
stored in version control.
Bron.
More information about the Info-cyrus
mailing list