After thinking about bug #2922 some more, and discussing it with Jeff, I
now agree that it would be nice to have the allowplaintext option
control both the protocol-specific plaintext login commands (IMAP,
LOGIN, POP3 USER/PASS, NNTP AUTHINFO USER/PASS), and the plaintext SASL
mechanisms (PLAIN, LOGIN). However there is still one outstanding
problem, which is that the allowplaintext option is enabled by default,
meaning that PLAIN w/o TLS would be enabled by default, thus violating a
MUST [NOT] in RFC 3501, with a side-effect of making me quite ill.
Since sending passwords in the clear sucks, and I would like to think
that most reasonable admins disable this option anyways, would anyone
have a major gripe if we change the allowplaintext option to default to
disabled in the 2.3.9 release? Obviously, we will document this change
prominently in the release notes.
https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2922
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
