MC> The problem is that the server on the Win2K machine will be running with MC> SYSTEM privileges. The purpose of the Guest logon is to drop those MC> elevated privileges, so as to minimize the consequences if a bad guy MC> should find a way to corrupt the server.
Okay, thanks for the explanation! I see, sort of... ;) Is it not possible to drop these privileges under win2000, or has it just not been written into system_login() yet for this platform? Or, why not make it possible to run ipop3d as a "normal" user? I tried running it as this (just by starting it up via normal command line), with same "USER host:user" format, but it doesn't seem to work (ERR bad login) - I guess normal users don't have access to the net sockets or something? Is there some other access limitation that would make the proxy route not work with a normal-user process? IOW, Why does ipop3d have to run as system in the first place when only doing this proxying? Anyway, I know UNIX would be better, but I don't have any choice but to run it on Win2k - I don't have a UNIX server to set this up on... Even if I did, my secure line to my IMAP server necessarily goes directly from my laptop (port forwarding via SSH), so there's no way I could use another (UNIX) machine inbetween there. (What's really happening is that I'm using ipop3d to proxy e-mail from the local POP port to the local IMAP port.) - Paul -- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Paul A. | NCBI / NIH Thiessen | [EMAIL PROTECTED] +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -- ------------------------------------------------------------------ For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html ------------------------------------------------------------------