> One more thing - since the IMail LDAP is running on our public mail > server, isn't it a security issue that anyone can read the LDAP > directory without a login?
The service is only open to spammers if you've let LDAP in through your firewall from anywhere, which is certainly not necessary for ldap2aliases to operate. > Specifically, doesn't this potentially allow spammers to harvest > email addresses from LDAP directories as soon as they realize this? If you leave it open and anonymous, yes. > Can IMail be reconfigured to run LDAP locked-down so read access > requires a password? (If so, what is the best way to do this). Yes. See openldap.org for lots of info. > Of course, if LDAP is locked-down then ldap2alias script will need a > "logon" commandline option so it can work. Yes, it does expect that anonymous read access between the gateway and the back-end server will be enabled--but, again, this doesn't mean that anonymous access is enabled from anywhere. Logon code can be added. > I've noticed that Outlook has an input field to specify a login > when configuring an LDAP directory service, so I assume most user > client apps will work with a locked-down LDAP; just unsure about > Imail itself. You should leave 127.0.0.1 open for write access. --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
