9 Apr
2014
9 Apr
'14
6:42 p.m.
On 4/9/2014 5:45 AM, Timo Sirainen tss@iki.fi wrote:
By default Dovecot's login processes run in the "high security mode" where each IMAP/POP3 connection runs in its own process. This was done especially to avoid security bugs in OpenSSL from leaking users' passwords. So unless you have switched to the "high performance mode", users' passwords or other sensitive data couldn't have been leaked.http://wiki2.dovecot.org/LoginProcess
Hi Timo,
Hmmm... ours is set to high performance mode, but, I didn't set it up, you did...
Now I'm wondering why you did this... ?
What are the ramifications of changing this on a production server? Any possible problems/gotchas? user impact?
Thanks,
--
Best regards,
Charles