thoughts on running an IMAP-over-SSL server exposed to the Internet?
wes at umich.edu
Fri Mar 27 19:34:52 EDT 2009
On 27 Mar 2009, at 14:06, Florin Andrei wrote:
> The thing worrying me at this time is some stupid buffer overflow
> in the
> IMAP server code. I have no idea what's the security history of this
> server, even though I've been using it for quite a while, because
> it was
> always in tightly controlled environments. Exposing it to the Internet
> changes the game.
It's a very popular open source IMAP server, typically run exposed to
the Internet at large. That certainly far from a guarantee that it's
bug free, but intruders have had ample opportunity probe the code
over the years.
More information about the Info-cyrus