Hi,
SYSTEM: Exim 4.42 MTA Qpopper 4.0.5 on Tru64 UNIX
I am planning to move our email from a v. old server and popd to a fresh one. In the old configuration all the pop user where kept in a Plain text file 'POP' that was in a GECOS format.
I was wondering if it is possible to maintain a similar configuration. I have reservations about added all pop users to the /etc/passwd's file as some pop users will have also have a login account. If all the pop users are in the passwd's file, if someone snoops my plain-text password during a pop session, that would be stealing my login password as well.
First off, you can have accounts in /etc/passwd which do not have the ability to log in. Make the shell /bin/nologin or /bin/false or something like that. The users will be able to POP, but not get a shell and log in.
Second, don't leave telnet, ssh or FTP or other things open. Then they can't log in.
Third, you should be using shadow password setups.
Fourth, implement TLS, and your passwords will be encrypted. Or use APOP. Or both.
I want to keep the client configuration as simple as possible so APOP seems like it might be cause the users some confusion. One aim is to make the transformation as transparent as possible so I don't want the client's to have to do no more that perhaps change the pop3 host or maybe I would do something with the DNS to resolve the hosts correctly.
TLS is pretty simple to have users make use of. It's well supported by client software. Don't expect a majority of your users to use it though.
Does anyone know if the above configuration is possible or have any strong feeling about what I am trying to do?
Thanx. Dp.
~~ Dermot Paikkos * [EMAIL PROTECTED] Network Administrator @ Science Photo Library Phone: 0207 432 1100 * Fax: 0207 286 8668
