[Dovecot] passwd-file maintenance by users, other options

Eric S. Johansson esj at harvee.org
Sun Apr 4 08:26:15 EEST 2004


Maikel Verheijen wrote:

> Why don't you move to a database instead of having a password file? If 
> you use a database, you could easily write a php-web-interface for your 
> users where they can update or change their passwords.

I have a real problem suggesting using databases for something as simple 
as a password file.  kind of like using a bulldozer to park your car. 
cam be done but usually causes a boatload of damage and a great deal of 
regret.

a simple dbm file is sufficent for this task.  gdbm seems to be 
reasonable instance.

> The only thing you won't solve is the APOP issue, but since you already 
> support IMAP as well, why no allow pop3 too? Almost all clients support 
> ssl connections to both pop3 and imap, so why bother with the password 
> being sent plain-text over the wire?

very good sugestion.  a great tool for generating and managing certs in 
the small is tinyca.  http://tinyca.sm-zone.net/

--- eric


More information about the dovecot mailing list