On 7.3.2007, at 19.33, Mike Brudenell wrote:
It was this thread that I'm thinking of: http://dovecot.org/list/dovecot/2007-January/018398.html
I think the eventual conclusion was that it was PAM -> crypt() ->
some sort of hardware crypting device.
Oh. That can also be prevented nowadays by using passdb pam { args =
blocking=yes } because then the PAM lookups are done in dovecot-auth
worker processes where login processes don't connect directly.
My main fear is that I get LDAP working fine without SSL, then turn
it on and find I'm stuffed by only having a maximum of 256 SSL
connections at a time. (If anyone can reassure me this won't be
the case? I'm running under Solaris 10 -- on a SPARC box at present.)
If you're using LDAP and something else than CRYPT-passwords then I
don't think there's even a possibility of it breaking with you.