[Date Prev][Date Next]
Re: (ITS#5195) ssf not available during sasl bind
--On Monday, October 29, 2007 11:15 PM +0000 firstname.lastname@example.org wrote:
> Stay focused on the original ITS topic.
Discussing further with Howard offline, he notes that ssf=<n> is the
minimum, not the requirement, so in the case I was thinking of:
would be sufficient in that specific case, although all connections are
forced to be encrypted at that point. I'm not sure the security directive
then satisfies allowing anonymous binds to be unencrypted, which is why
then using ACL statements is a better route for that data you specifically
want to ensure is protected.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration