On Fri, 12 Dec 2008 00:51:23 +0100, Sam Varshavchik <mr...@courier-mta.com> wrote:
> Martin Strand writes: > >> Using courier-pop3d, is there any way to disable simple USER/PASS login so >> that only AUTH login with CRAM-SHA1 works? >> I tried setting POP3DAUTH="CRAM-SHA1" but USER/PASS still works... > > USER/PASS is always permitted. There is no toggle to turn it off. Thanks. Does anyone have any good tips on how to work around this at the moment? Is there perhaps a way to configure a set of "banned" commands? Maybe I could write a small pop3 proxy in Perl and intercept any USER/PASS commands? As someone pointed out, SSL would make more sense but unfortunately that's not an option in this case. ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users