Henry Baragar wrote: > Running two instances is a nice easy solution that I use today. Why > complicate the code---which has the potential to introduce security > holes---by adding this feature?
One thing that I might find useful is to allow localhost and local net to allow plain auth in non ssl, but for other connections to require ssl. At the moment, I've got BincIMAP configured to always allow plain auth, because my router's not configured to forward the IMAP port (so external clients can't connect to it), and is configured to forward the IMAPS port. I'm not totally enamoured with maintaining two configuration files. I understand that v1.3 allows configuration to be stored in the environment, so presumably some magic with tcprules could implement this? Cheers, Roger.
