On Thu, 01 Mar 2001, Richard Lyon wrote:
>
>
>I work for a company that had a mail server operating prior to my starting.
>It is a Slackware system running qmail-1.03. It is configured with
>/home/maildir for the users. The rest of the network is NT controlled. Most
>users are running Eudora Pro for a client. There is limited use of Outlook
>at the same time. The password request uses the shadow password for
>authentication. My CTO recently started asking about switching to APOP
>instead of POP for logins. He started a packet sniffer and pulled the user
>name and password for the mail transfer. As a result of this he wants a
>more secure method used. From what I have been finding the only program
>that works with qmail is checkpw. The drawback I see is that the users
>password is stored in cleartext in the home directory. Since the CTO does
>not want either of us to know these due to company policy (currently when a
>password is changed I activate passwd and have the user enter the new one).
>Is there a way to use the shadow password, or a program that does not use a
>cleartext file? I do have a password generator program that can be run to
>give me an encoded password. I use this to generate a UNIX compatible code
>to activate the CVS program in the NT environment for development.
>
>Thanks in advance,
>Richard Lyon
>Network Administrator
>
>AbsoluteFuture, Inc.
>NE 8th Street, Suite 1414
>Bellevue, WA 98004
Go to www.qmail.org and search through the document for apop. You should find 2 items,
the second of which sounds like what you want.
--
***********************************
Matthew H Patterson
Unix Systems Administrator
National Support Center, LLC
Naperville, Illinois, USA
***********************************
