On Mon, 9 Sep 2002, Max Okumoto wrote: > I am in the process of migrating users away from plain text passwds > over un-encyprted channels. Is there a way to syslog the names of > users that used plain text passwds for imapd and ipop3d?
You'll need to modify the software. The exact modifications that you need would depend upon your migration strategy/policy. Specifically, you need to define what it is that you intend to disable. Do you intend to disable all use of plaintext passwords, even over encrypted channels? Or do you intend to continue allowing plaintext passwords if the channel is encrypted. Do you intend to disable all use of non-encrypted channels? Or do you intend to continue to allow non-encrypted channels if the password is not plaintext. Are your client programs capable of using encrypted channels (SSL and/or TLS)? Most, but not all, clients are capable of using encrypted channels. Are your client programs capable of using non-plaintext passwords, and if so, which mechanism are you planning to use? Note that there is currently no non-plaintext password mechanism which is widely implemented, and some IMAP clients don't implement any. The answers to these questions have many implications, including implications on what it is you will syslog.
