[dovecot] Re: Some experiences
Timo Sirainen
tss at iki.fi
Sun Jan 5 22:33:05 EET 2003
On Sun, 2003-01-05 at 21:36, Paul C. Bryan wrote:
> > Maybe I should consider anyway using Cyrus SASL library, at least
> > optionally.
>
> Please do! It works, it's flexible, it's secure, and allows central
> administration of authentication.
Well, current CVS has some code for it, but it's still missing some
configuration. Actually I'm not really sure how I should do that, I
found one way but Postfix doesn't seem to doing that..
And secure? I doubt it, I did a quick audit to it a month ago and found
3 buffer overflows. I checked mostly just PLAIN mechanism which I use
with Postfix, so there may well be more left in other auth mechanisms.
More information about the dovecot
mailing list