[PLUG] Any cyrus imap/sasl experts among us?
Wil Cooley
wcooley at nakedape.cc
Wed May 19 19:32:02 UTC 2004
On Wed, 2004-05-19 at 19:04, Sasha Romanosky wrote:
> Fwiw,
> I had sasl setup for ldap and smtp but dropped it for lack of real
> purpose, or benefit over ssl.
You can't really compare the two; while some of their capabilities
overlap, the combination of the two is usually the easiest and most
effective. For example, if you're only using SSL protect SMTP relaying,
then you're basically an open relay waiting to happen. Currently, no
one is exploiting this kind of setup since it's fairly rare, but the
potential for abuse remains. And if you want to authenticate with Cyrus
IMAP, you haven't any choice but to use SASL, although if you're using
PAM or passwd/shadow authentication, you really need to use SSL also to
protect your login and you protect your data in doing so.
Wil
--
Wil Cooley mailto:wcooley at nakedape.cc
Naked Ape Consulting http://nakedape.cc
* * * * * Portland's Premier Open Source Consultancy * * * * *
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20040519/e7658b1c/attachment.asc>
More information about the PLUG
mailing list