On Sat, 18 Jun 2005, Jan Kuznik wrote:
> I miss a configuration option disabling plain text logins on unencrypted
> connections EXCEPT connections from some trusted network.
In the main() routine of imap-200?/src/imapd/imapd.c, right after the line
which reads:
    server_init (pgmname,"imap","imaps",clkint,kodint,hupint,trmint);
insert something like:
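    #define TRUSTEDNETWORK "105.69."
    /* client address begins with the trusted prefix: permit plaintext logins.
       sizeof - 1 keeps the string's trailing NUL out of the comparison. */
    if (!strncmp (TRUSTEDNETWORK,tcp_clientaddr (),sizeof (TRUSTEDNETWORK) - 1))
      mail_parameters (NIL,SET_DISABLEPLAINTEXT,(void *) 0);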
Of course, if you're IPv6 or if your network address isn't at an octet
boundary, you'll need a better test than the strncmp() above.
The important thing is that that mail_parameters() call is how you open up
plaintext authentication.
The other thing that you may want to consider is to work out a way for your
webmail to pre-authenticate; that is, start imapd already logged in as the
user.
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
_______________________________________________
Imap-uw mailing list
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
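One form the "better test" for IPv6 or non-octet network boundaries could take, as an added example that is not part of the original message or of the UW imapd source. The function name addr_in_network() is hypothetical, and it assumes tcp_clientaddr() returns a bare textual address.

```c
#include <string.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Hypothetical helper: return 1 if the textual address addr lies inside
   cidr ("a.b.c.d/len" or "x:y::/len").  Returns 0 on any mismatch or parse
   failure, so a malformed input leaves plaintext logins disabled. */
int addr_in_network (const char *addr,const char *cidr)
{
  unsigned char a[16],n[16];
  char net[INET6_ADDRSTRLEN];
  const char *slash;
  char *end;
  long bits;
  int af,max;
  size_t len;

  if (!addr || !cidr || !(slash = strchr (cidr,'/'))) return 0;
  len = (size_t) (slash - cidr);
  if (!len || len >= sizeof (net)) return 0;
  memcpy (net,cidr,len);
  net[len] = '\0';
  af = strchr (net,':') ? AF_INET6 : AF_INET;
  max = (af == AF_INET6) ? 128 : 32;
  bits = strtol (slash + 1,&end,10);
  if (end == slash + 1 || *end || bits < 0 || bits > max) return 0;
  /* both strings must parse as full addresses of the same family;
     inet_pton() rejects partial or malformed input, unlike a string
     prefix compare */
  if (inet_pton (af,net,n) != 1 || inet_pton (af,addr,a) != 1) return 0;
  if (memcmp (a,n,(size_t) (bits / 8))) return 0;     /* whole octets */
  if (bits % 8) {                                     /* leftover bits */
    unsigned char mask = (unsigned char) (0xff << (8 - bits % 8));
    if ((a[bits / 8] ^ n[bits / 8]) & mask) return 0;
  }
  return 1;
}

/* Assumed use in imapd.c, in place of the strncmp() test:
     if (addr_in_network (tcp_clientaddr (),"105.69.0.0/16"))
       mail_parameters (NIL,SET_DISABLEPLAINTEXT,(void *) 0);       */
```

An IPv4-mapped IPv6 client address does not match an IPv4 network here and is treated as untrusted.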