Hi ;-)
[...]
Well, current CVS has some code for it, but it's still missing some configuration. Actually I'm not really sure how I should do that, I found one way but Postfix doesn't seem to doing that..
And secure? I doubt it, I did a quick audit to it a month ago and found 3 buffer overflows. I checked mostly just PLAIN mechanism which I use with Postfix, so there may well be more left in other auth mechanisms.
Personaly I don't like too mutch Cyrus SASL for lots of reasons :
I don't trust it a lot
this yet another lib to add to the thousands of lib used for authentication eg : server code (here dovecot) -> sasl -> pam -> mod_someth -> something lib -> something server -> db ..
Yes I know there is patch for sasl 1.x and there some other backend for sasl 2.x but I still don't like it.
Adding some lines of code into dovecot for authentication against MySQL (for example) or LDAP should not too mutch and mutch easy to debug / audit than a big library like SASL.
For my point of view, I going, when time available a patch for dovecot to do mysql auth, since I want to move from courier-imap (sorry) to a better solution that is dovecot.... (that I use at home using pam)... to get a 100% virtual account solution without adding 3rd party code... ;-)
my 0.02c
/Xavier
-- Xavier Beaudouin - Unix System Administrator & Projects Leader. For mail address, please check header of this mail. Spams are not accepted. Caudium: http://caudium.net/ Making friends with FreeBSD: Just because the system has panicked doesn't mean that you should panic too