Arguably disabling plaintext passwords for non-SSL inbound TCP connections
from the bad outside world is useful.
However - (local) tools such as Squirrelmail (www.squirrelmail.org) are
unable to do SSL on 993 outright or do an upgrade StartTLS on 143.
So somehow it would be nice to for example excempt inbound connections
from/to 127.0.0.1 from no-plaintext rule; whilst still enforcing it for
outside connection.
In order to get the best of both worlds I've found myself adding things
like this:
...main(int argc )...
.. rc reading, linkage.c....
..
if((argc>1)&&(strcmp(argv[argc-1],"-plaintextok")==0)) {
mail_parameters (NIL,SET_DISABLEPLAINTEXT,NIL);
argc --;
}
..server_init()..
to the main() in imapd.c (with inetd.conf for the outbound differently
that inetd.conf for the 127.0.0.1 interface) or a INADDR_LOOPBACK==sin..
check to accomplish the same.
Are there any plans for such long term ? Would it help if I submit a patch
for the above - based on either a command line argument (i.e. which
one would set from inetd.conf) or a INADDR_LOOPBACK check ? Or do people
feel that every imap client should learn SSL as soon as possible ?
Cheers,
Dw.
--
-----------------------------------------------------------------
For information about this mailing list, and its archives, see:
http://www.washington.edu/imap/imap-list.html
-----------------------------------------------------------------
