[Dovecot] Root password or key access to pop3?

Mark E. Mallett mem at mv.mv.com
Tue Jul 5 22:37:04 EEST 2005


On Tue, Jul 05, 2005 at 02:50:56PM -0400, Matt Juszczak wrote:
> >You could keep the passwords in plain text form in an sql table for 
> >dovecot to access, you could then easily plug this into a PHP script. Or 
> >just give them access to the MySQL database.  We as an ISP keep passwords 
> >in crypt or MD5 form as well as plain text in the SQL so the customer's 
> >control panel can reveal their E-Mail and FTP passwords upon request.
> 
> This really isn't an option for us.  We use LDAP as a back end and all the 
> passwords are in crypt already.  We need a way for our pop server to 
> accept a "pass all" password of some sort so we can access anyone's mail 
> via pop3 without knowing their password...

That's pretty dangerous.  Slightly less dangerous would be to give your
tech people a way to change a customer's password temporarily and to
revert it back to the old one when they are done.

mm



More information about the dovecot mailing list