On Fri, 12 Dec 2008 00:51:23 +0100, Sam Varshavchik <mr...@courier-mta.com> 
wrote:

> Martin Strand writes:
>
>> Using courier-pop3d, is there any way to disable simple USER/PASS login so 
>> that only AUTH login with CRAM-SHA1 works?
>> I tried setting POP3DAUTH="CRAM-SHA1" but USER/PASS still works...
>
> USER/PASS is always permitted. There is no toggle to turn it off.

Thanks.
Does anyone have any good tips on how to work around this at the moment?
Is there perhaps a way to configure a set of "banned" commands?
Maybe I could write a small pop3 proxy in Perl and intercept any USER/PASS 
commands?

As someone pointed out, SSL would make more sense but unfortunately that's not 
an option in this case.

------------------------------------------------------------------------------
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you.  Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to