[Dovecot] drac.c
Matthias Andree
matthias.andree at gmx.de
Mon Feb 13 14:16:22 EET 2006
"Takehiko Abe" <keke at gol.com> writes:
> I am using dovecot [1.0 beta3] as a pop server with drac. It is
Drac is an abomination that needs to go away.
I am requesting to unsupport it before Dovecot 1.0.
Drac is insecure by design, in that it doesn't authenticate the same
channel (but POP3/IMAP instead) that is being privileged (SMTP for
relay), and without any clue of how long dynamic IP mappings remain
stable. Better solutions are available (and have been for years), namely
SMTP AUTH, supported by all relevant mail transfer agents(*) and - IMO -
all relevant clients.
________
(*) I do not consider qmail relevant any more.
<http://home.pages.de/~mandree/qmail-bugs.html>
--
Matthias Andree
More information about the dovecot
mailing list