[EMAIL PROTECTED] writes: > IIUC it really depends on the pop daemon you use and how you have it > set up -- for instance, I know it is possible to have separate > authentication information for pop than for user accounts if you are > running qmail-pop3d w/ checkpw. I haven't used other pop systems in > a long time, but I have this fuzzy recollection that some of them > don't have to be linked to user passwords either. Perhaps someone > more in the know can comment on this.
With qpopper, you can assign APOP secret phrases using the `popauth' command, which can be distinct from the system password. > Exactly [1]. So IIUC the following should be theoretically > possible: > > 0) tmda-ofmipd is used in personal mode w/ ~user/.tmda/tofmipd > > 1) Client uses CRAM-MD5 to interface w/ tmda-ofmipd > > 2) tmda-ofmipd uses APOP to interface w/ pop server If you already using ~user/.tmda/tofmipd to authenticate, why would you then need to reauthenticate against an APOP server? > I had the impression that it was not currently possible. That's correct. > If no, will you consider the CRAM-MD5 + tmda-ofmipd + APOP > combination? Sure, but you'll have to convince me it's necessary, or even useful first <wink>. > #! /bin/sh > > # start tmda-ofmipd for this user > > TMDA_OFMIPD=/usr/local/src/tmda/bin/tmda-ofmipd > AUTH_FILE=/home/$USER/.tmda/tofmipd > HOST=127.0.0.1 > PORT=8025 > POP_PORT=110 > > $TMDA_OFMIPD -d -u $USER -a $AUTH_FILE -p $HOST:$PORT \ > -R apop://$HOST:$POP_PORT This looks fine, as long as the user's MUA isn't authenticating via CRAM-MD5. > I got the impression from the 0.62 release info that for certain > things Python 2.2 is required. Python 2.0 and 2.1 is still supported for the vast majority of TMDA. Certain features require 2.2 however (e.g, SMTP over SSL), but those are optional features. If you don't need to use them, you don't need to upgrade. Although unless you have a specific reason not to, you might as well upgrade to 2.2.1. It contains lots of bugfixes and performance improvements relative to earlier releases. The rfc2822 header parsing is also much better. > Is it the case that Python 2.2 is now required for tmda-ofmipd > itself? This has been the case ever since tmda-ofmipd was introduced. See ``Requirements'' under http://tmda.net/tmda-ofmipd.html. The reason for this is because os.setgroups() was only introduced in 2.2 -- this is an essential feature when tmda-ofmipd is started as root. > [2] Sadly, not many mail clients have support for setting up a > tunnel w/ ssh before sending/receiving mail. Why is this necessary? As root, you can setup a global ssh port forward that every user can use. Users can do the same from the command line. Mail client support is not necessary. See the ssh example I posted earlier. David's stunnel example also applies. _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
