Noel, Perhaps passwords shouldnot be echoed to the log. ***** instead ?
-ph >Should we be warning admins that if the mail server has shell users or >network file visibility, they need to be sure to lock down the directory >containing the james logs, or at least the pop3server log? The reason being >that all commands received are echoed to the log ... including the user's >password. > >Alternatively, they could be told to change the logging level from DEBUG to >WARN. > >Comments? > > --- Noel > > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
