As part of the upgrade to vpopmail, we're considering removing clear
text passwords from the database. This will improve security, but at the
same time remove some (somewhat insecure) capability.

The biggest impact I think this will have is that admins will no longer
be able to look up someone's password. In the event that a user loses
their password, the administrator would reset the password to something
temporary, and the user would subsequently change it to whatever they
like. This is the practice followed in many (if not most) other
environments.

The other impact will be the elimination of cram-md5 as an
authentication option. While this doesn't really make QMT any less
secure, it might mean that some clients that were formerly configured to
use cram-md5 would fail to work until their configuration options were
changed.

I honestly do not have a good feel for which or how many devices may be
using cram-md5. There's also a chance that there exist some older
devices (old Nokia phones perhaps?) that use cram-md5 and are unable to
use TLS/SSL. I do doubt that such devices exist, but there's always that
possibility.

In any case, I think it would be prudent for QMT to provide SMTPS (port
465) before or at the same time that cram-md5 support is removed. This
is something we've talked about already, so assume that there will be
SMTPS capability should cram-md5 (and clear text passwords) be removed.

That's all I have on this at the moment. Any thoughts?

<shubes ducks>
--
-Eric 'shubes'
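
Why dropping clear text passwords also drops cram-md5, as an added example that is not part of the original post or of vpopmail/QMT code: in CRAM-MD5 (RFC 2195) the password is the HMAC-MD5 key, so the server has to hold the same secret the client holds, while PLAIN/LOGIN inside TLS only needs a one-way hash. The user, password and challenge are constructed sample values, and PBKDF2 is an assumed stand-in for whatever hash format the database stores.

```python
import base64
import hashlib
import hmac
import os


def cram_md5_response(user: str, password: str, challenge: bytes) -> bytes:
    """Client side (RFC 2195): the password is the HMAC-MD5 key."""
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode())


def verify_cram_md5(response: bytes, challenge: bytes, stored_secret: bytes) -> bool:
    """Server side: recompute the HMAC with whatever secret is stored."""
    _user, _, digest = base64.b64decode(response).decode().rpartition(" ")
    expected = hmac.new(stored_secret, challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(digest, expected)


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way hash; PBKDF2 is an assumed stand-in for the stored format."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def verify_plain(password: str, salt: bytes, stored_hash: bytes) -> bool:
    """PLAIN/LOGIN (sent inside TLS): hash what the client sent and compare."""
    return hmac.compare_digest(hash_password(password, salt), stored_hash)


def demo() -> dict:
    # Constructed sample values, not taken from any real system.
    user, password = "alice@example.com", "correct horse battery"
    challenge = b"<12345.1700000000@mail.example.com>"
    salt = os.urandom(16)
    stored_hash = hash_password(password, salt)
    response = cram_md5_response(user, password, challenge)
    return {
        "cram_with_cleartext": verify_cram_md5(response, challenge, password.encode()),
        "cram_with_hash_only": verify_cram_md5(response, challenge, stored_hash),
        "plain_with_hash_only": verify_plain(password, salt, stored_hash),
        "plain_wrong_password": verify_plain("guess", salt, stored_hash),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

A correct CRAM-MD5 response verifies only when the server still has the clear text password; with just the hash on file the same response is rejected, while the password sent via PLAIN/LOGIN still checks out.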