Thanks, but believe me, I've been through these repeatedly. The "closest" I can find to this would be "LOGINDISABLED" which only applies to tls, which I don't want to use here. I'm also not talking about sasl "PLAIN" auth, either.Actually if you read the config files that are installed by default it tells you how to allow and disallow this!
Randall Augustus Alexander
from the "imap" config file:
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
From the authdaemonrc file:
authmodulelist="authmysql"
No matter what, the server still accepts plaintext logins (and CRAM-MD5, of course). What's the deal? If I'm being utterly foolish as Sam asserts I'll admit it. I've tested with mozilla's IMAP client, and with Mulberry.
Ethan Weinstein
-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
