[Dovecot] [OT] Is there a secure reverse IMAP proxy
This question is off topic. I ask this list because the question is related to security and IMAP and I guess the people in this list know a lot about both of that.
Is there a secure reverse proxy for the IMAP protocol? Something you can install on a bastion host which checks the IMAP traffic before forwarding it to the internal IMAP server?
There are these proxies for WebMail to IMAP connections but as far as I can tell they were not created for security reasons and not with security as primary goal.
Sven
On Fri, 16 Apr 2004, Sven Kirmess wrote:
[...] Is there a secure reverse proxy for the IMAP protocol?
I know about Perdition:
http://www.vergenet.net/linux/perdition/
... but I don't know how secure it is.
On Sun, 2004-04-18 at 09:27, Wouter Van Hemel wrote:
I know about Perdition:
http://www.vergenet.net/linux/perdition/
... but I don't know how secure it is.
Well, from my sent-mail (this was fixed later):
From:
Timo Sirainen tss@iki.fi To: horms@vergenet.net Subject: buffer overflow in perdition Date: 23 Oct 2002 00:48:42 +0300
token_read() doesn't seem to do any bounds checking, I could overflow buffer[] by 3k or something with "USER xxxx..etc.." with pop3. Don't know if it's exploitable.
participants (3)
-
Sven Kirmess
-
Timo Sirainen
-
Wouter Van Hemel