Re: [binc] allow plain auth in non ssl for localhost only????

[RYAN vAN GINNEKEN]

Realize that i started this thread along time ago and hope that it is 
still active have been busy lately and could not quite figure out where 
to start on this solution. However I have some security concerns now 
with some of my clients logging in externally with non ssl connection. 
My original message is included at the bottom of this mail just as a 
reminder of what was i was asking.

Think I am in over my head here could someone give me the specifics on 
how to run one of these configurations.  About all i can understand is 
that i need two instances of binc running is that correct?? but how do i 
make another directory like the imap and imaps directories with some 
make code in them.  Is there going to be 2 bincimap config files like 
changing the above mentioned files to contain the lines 
--conf=/usr/local/etc/bincimap/bincimap.conf.in and could one file would 
contain   --conf=/usr/local/etc/bincimap/bincimap.conf.out but how do i 
get one to bind to the internal interface 127.0..0.1 please help

Thank you in advance
Henry Baragar wrote:
On Wed, 31 Mar 2004 20:34:11 +0200, Peter Stuge <[EMAIL PROTECTED]> 
wrote:

On Wed, Mar 31, 2004 at 08:40:17AM -0500, Henry Baragar wrote:
Running two instances is a nice easy solution that I use today.  Why
complicate the code---which has the potential to introduce security
holes---by adding this feature?

Really only one reason - it's not possible/easy to bind to multiple
external interfaces without running even more tcpservers..
With envdir and an appropriate 127.:allow,ALLOWPLAIN=yes it's all good
though. :)
Even closer to the DJB way of doing things!-)
Henry

//Peter


It is me again did i mention how much i love BINC well i do.  Here is my 
problem well it is not really a problem this time more of a question.
I am using freebsd 4.9 stable apache 2.0.0.49 with openssl module and 
php4.3.4 module with squirrel mail version 1.4.2.  Also i use BINC imap 
version 1.2.3 postfix  2.0.18 let me tell you that setting all this up 
was not easy however the reward of getting all to work is like winning 
against the machine.  So here is my question i use BINC ssl  for my IMAP 
clients (Outlook Mozzila and the like) however using Squirrel mail on 
the localhost i do not and cannot use ssl.  So the only way i can get 
Squirrel mail to work is by setting the

allow plain auth in non ssl = "yes",            /* allow login or
                                                    authenticate
                                                    when not in
                                                    SSL/TLS mode */
please tell me there is another way because my clients will not enable 
ssl unless they have to and having users login with plain text would 
really really really suck.  There must be a way to specify talking to 
the local host without ssl is ok but talking to remote machines without 
ssl is not ok.   I  promise i will do a how to for freebsd for your 
website if want me to because i think BINC is a great product.