[Dovecot] Nuby experiences
Hello all,
I am new to dovecot and have had a good experience so far. I'm using fetchmail - exim - dovecot - my email clients (mac os mail and thunderbird so far). I'm also using Ubuntu Server i.e. debian.
I didn't like the inflexibility of mbox so I did a tweak to exim to deliver mail to a Maildir folder in my home directory on the server. I restarted Dovecot and it found it! Very nice but mysterious. I don't remember if I did anything to the dovecot.conf file.
My clients balk at the ssl certificate that was created at install time. I see a little bit of documentation on SSL. I'll struggle with it.
I'm going to look at more client setups like evolution and a webmail client. Can anyone recommend a good ajax-driven webmail client?
Dovecot is good software. I'm happy I found it.
Victor Rini wrote:
My clients balk at the ssl certificate that was created at install time. I see a little bit of documentation on SSL. I'll struggle with it.
If you can get your clients to accept the SSL certificate forever, then they won't see the "scary" warning ever again. Alternatively, if you have the client passwords in plaintext, you can use CRAM-MD5 authentication without using SSL.
I'm going to look at more client setups like evolution and a webmail client. Can anyone recommend a good ajax-driven webmail client?
Check out RoundCube Webmail:
http://www.roundcube.net/which is a very nice (but somewhat preliminary) web client. The next release of Zimbra:
http://www.zimbra.com/is supposed to include support for any IMAP server (currently, it uses its own mail database). However, Zimbra is a considerably fatter install than RoundCube, as it requires installing their whole package (which includes their own tuned versions of MySQL, etc) in place of your normal distro packages. YMMV...
John
-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Blvd Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5747
John Peacock wrote:
If you can get your clients to accept the SSL certificate forever, then they won't see the "scary" warning ever again. Alternatively, if you have the client passwords in plaintext, you can use CRAM-MD5 authentication without using SSL.
Interesting. I think Evolution support Cram-md5 but I'm not sure what thunderbird supports. I'm little bit familiar with ssl after working with OpenVPN. It's seems like any client worth its name supports ssl so I'll probably stick with that.
Check out RoundCube Webmail:
Round cube look pretty good to me and I don't mind struggling for a while with its growing pains. Thanks!
On Sun, 17 Sep 2006 14:03:16 -0700 Victor Rini victor-rini@comcast.net wrote:
Interesting. I think Evolution support Cram-md5 but I'm not sure what thunderbird supports.
Evolution supports CRAM-MD5, DIGEST-MD5, and NTLM; Thunderbird supports CRAM-MD5 (when using the 'Use secure authentication' option in the account settings); Outlook/OE support NTLM (with a similarly named option.)
Most decent mail readers support some sort of challenge-response authentication, but the downside is that the easiest way to support several schemes is to keep plaintext passwords on the server (which is bad news if the server gets compromised -- although an attacker could just as easily nab your SSL key and do other nasty things at that point.)
The obvious downside to challenge-response over an unencrypted connection is the fact that message data will still be sent in the clear, even if your authentication credentials weren't. If you're worried enough about the traffic being seen to worry about the password, you'd probably like to keep the message contents secure as well (that's the purpose of the password, after all...)
-- Ben Winslow rain@bluecherry.net
participants (3)
-
Ben Winslow
-
John Peacock
-
Victor Rini