[Dovecot] Security Hole in 1.0.13?

Matthias Andree matthias.andree at gmx.de
Sun May 18 13:45:38 EEST 2008


On Sun, 18 May 2008, Timo Sirainen wrote:

> >   passdb vpopmail {
> >     #args =
> >   }
> 
> vpopmail would be one possibility, I have some doubts about its
> security.

Can you detail the spots you deem could take some more observation or
investigation? vpopmail, after all, is highly popular in qmail
environments which boast about their "security" (which is partially
based on "proof by claim" like arguments and sometimes 'substantiated'
by ad-hominem attacks of certain groups of people who can't bear
criticism).

-- 
Matthias Andree


More information about the dovecot mailing list