Hey Eric, Don't worry, no offense taken whatsoever.
I totally agree on your view on pop3 and the security implications involved. I am not using pop3 myself and probably never will. On my small server I moved most clients over to the SSL version or even IMAP-SSL. Since you mentioned that dovecot is going to replace courier in the future, should I drop the courier packages and use dovecot instead? If you could link me to some resources that will help me that would be great. If the development list is interested in Qmailtoaster with Chef I will make sure to join. I do think that this combination is great for new setups and takes away a lot of configuration type scripting from the RPM packages. Heck, it could even allow us to deploy Qmailtoaster on any system if we went down to source code compiling without rpmbuild (which also works fine as other cookbooks use it, like the daemontools cookbook that already exists). Cheers, Sebastian On 09.03.2013, at 05:27, Eric Shubert <[email protected]> wrote: > On 03/08/2013 11:18 AM, Eric Shubert wrote: >> On 03/08/2013 12:50 AM, Sebastian Grewe wrote: >>> Hey List, >>> >>> I have been working on my Chef Cookbook for Qmailtoaster lately and >>> was working on minitests and noticed something strange: >>> >>> /var/qmail/supervise/pop3 is missing. At first I thought my unit test >>> failed because I made a mistake but then realized there was no pop3 >>> running at all. >>> >>> /var/qmail/supervise/pop3-ssl does exist and works fine, my test user >>> could login and see the mails. >>> >>> Has anyone noticed this with a fresh installation? Or am I missing >>> something here? >>> >>> Cheers, >>> Sebastian >>> --------------------------------------------------------------------- >> >> I haven't noticed, but I haven't been in a situation lately where I >> might notice. I'd like to make a few comments regarding pop3 though. >> >> First is that while qmail-pop3d can handle TLS (IIRC), there's no way to >> mandate that clients use a secure connection. This is a security hole >> that is removed when only pop3-ssl is available. >> >> Second, pop3 chores will be taken over by dovecot when dovecot is >> formally integrated into the stock QMT. Dovecot will handle both imap >> and pop3 processing, and can enforce secure connections so that >> passwords aren't sent in the clear. >> >> Many QMT operators already use dovecot, as it is far superior to courier >> for IMAP processing. It's pretty simple to convert from courier to >> dovecot, and there are some dovecot binary packages available in the QTP >> repo which can be installed using yum, and are appropriately built and >> configured for use with QMT. See the wiki for more details. >> >> Thanks go to many community members who have helped to get dovecot >> integrated with QMT. I hope we can complete the process sometime this >> year so that dovecot is "stock", and courier is no more. >> >> If you're interested in more about this, please join us on the >> development list. > > After reading this post, I see that the message could be interpreted more > than one way, and I'd like to clarify. > > While I hope and expect that the devel list will become more active in the > future, I didn't mean to imply that this post was inappropriate for this list. > > I am (and I hope that others are) grateful to Sebastian for his > contributions. The software he's writing is leading edge stuff, people. He's > doing some of the groundwork I wish I had time to explore. I expect his work > will be part of QMT's future, one way or another. > > Thanks, Sebastian. > > -- > -Eric 'shubes' > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
