
Re: pop3 server that supports LDAP?



Adam Tauno Williams wrote:
> Quoting jbarnett@axil.netmate.com:
> >Anyone know of a small, fast, stable and secure pop3
> >server that supports ldap?  It doesn't have to be a
> >"total solution email server", just a robust pop3, it
> >doesn't need imap support.  It shouldn't matter but
> >sendmail will be the SMTP server and the pop3 server
> >will run off Linux (X86) and Solaris (Sparc) boxes.
> 
> What do you mean by a POP server that supports LDAP?
> If the OS and the POP server support PAM (all RedHat's do)
> then your job is easy,  with RedHat you can do it with
> software off the CD.

This is not as cut and dried as it would appear.  If
the original poster intended "supports LDAP for doing
authentication", POP3 servers require that passwords
be in cleartext for APOP support, or that they be sent
in cleartext and hashed locally at the POP3 server, if
for USER/PASS authentication.

Either one of these has bad effects.  It is becoming
increasingly common to store passwords in plaintext in
order to ensure that whatever authentication method any
given program uses can be applied.

This isn't as disastrous as it sounds, so long as the
passwords are only ever accessed locally, or that remote
access to them is restricted to SSL-based connections.
It's really no different than having a shadow file that
you rely on the system to protect for you.


-- Terry Lambert
-- Whistle Communications, Inc., an I.B.M. Company
-- terry@whistle.com
-------------------------------------------------------------------
This is formal notice under California Assembly Bill 1629, enacted
9/26/98 that any UCE sent to my email address will be billed $50
per incident to the legally allowed maximum of $25,000.
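
The trade-off described in the message above, as an added example that is not part of the original post: APOP (RFC 1939) makes the server recompute an MD5 over its banner plus the shared secret, so the server must hold the cleartext, while USER/PASS lets the server keep only a salted hash but puts the password itself on the wire. The banner, password, function names and PBKDF2 parameters are constructed for illustration.

```python
import hashlib
import hmac
import os

BANNER = "<4321.1000000000@pop.example.org>"      # constructed server greeting
NEXT_BANNER = "<4322.1000000060@pop.example.org>"  # greeting of a later session
PASSWORD = "s3cret-example"                        # constructed password

def apop_digest(banner, secret):
    """RFC 1939 APOP: hex MD5 over the timestamp banner followed by the secret."""
    return hashlib.md5((banner + secret).encode()).hexdigest()

def make_verifier(password):
    """Salted one-way verifier, the kind of value a shadow file would hold."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_user_pass(stored, password_from_wire):
    """USER/PASS: password arrives in cleartext and is hashed locally."""
    salt, expected = stored
    got = hashlib.pbkdf2_hmac("sha256", password_from_wire.encode(), salt, 100_000)
    return hmac.compare_digest(got, expected)

def check_apop(stored_cleartext, banner, digest_from_wire):
    """APOP: the server recomputes the digest, so it needs the cleartext secret."""
    return hmac.compare_digest(apop_digest(banner, stored_cleartext), digest_from_wire)

def check_apop_with_verifier(stored, banner, digest_from_wire):
    """With only a hashed verifier stored, the recomputed digest cannot match."""
    _salt, hashed = stored
    return hmac.compare_digest(apop_digest(banner, hashed.hex()), digest_from_wire)

def demo():
    verifier = make_verifier(PASSWORD)            # hashed store
    wire_digest = apop_digest(BANNER, PASSWORD)   # what an APOP client sends
    return {
        "user_pass_hashed_store": check_user_pass(verifier, PASSWORD),
        "user_pass_wrong_password": check_user_pass(verifier, "guess"),
        "apop_cleartext_store": check_apop(PASSWORD, BANNER, wire_digest),
        "apop_hashed_store": check_apop_with_verifier(verifier, BANNER, wire_digest),
        # A captured digest is bound to one banner and fails in a later session.
        "apop_replayed_digest": check_apop(PASSWORD, NEXT_BANNER, wire_digest),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```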