And of course you _still_ need SSL since the browser will send the
pass clear otherwise for SquirrelMail to encrypt into MD5.
The thought that I often see is that the connection between
SquirrelMail running on the server is local and therefor more secure,
which is true to a limited degree. The problem is that there isn't a
real easy way to say local connections can be PLAIN, but someone
running Mail on a remote Mac has to use MD5. It's really an all or
nothing sort of deal.
This is something I've often thought about.
I had too many legacy clients configured when I switched to OS X Server
for Mail, and due to the transition, couldn't migrate certificates
across appropriately.
I'd really love to be able to restrict insecure logins to the local
host only, but I haven't seen any way to do this. Have you found
anything at all that points in this direction?
nigel
--
Nigel Kersten Systems Administrator
College of Fine Arts, UNSW Sydney, Australia.
CRICOS Provider Code: 00098G
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
