|

selective disable_plaintext_auth

View: New views

4 Messages — Rating Filter: Alert me

	selective disable_plaintext_auth by Mariano Absatz :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, I've been using dovecot for some time now, always with the setting: disable_plaintext_auth = yes so that no user can accidentally expose their username/password in the open. However, I'm now trying to configure a webmail client in a nearby server which doesn't support TLS or SSL IMAP connections :-( Is there any way to allow plaintext_auth only for a small set of IP addresses (for what I see in the comment, this is automatic for local addresses, alas, the webmail client is on another host). TIA -- Mariano Absatz - "El Baby" el.baby@... www.clueless.com.ar -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - Theory is when you know something but it doesn't work. - Practice is when something works but you don't know why. - Usually we combine theory and practice: Nothing works and we don't know why. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- * TagZilla 0.066 * http://tagzilla.mozdev.org
	Re: selective disable_plaintext_auth by Timo Sirainen :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, 2009-11-10 at 17:41 -0300, Mariano Absatz wrote: > Is there any way to allow plaintext_auth only for a small set of IP > addresses (for what I see in the comment, this is automatic for local > addresses, alas, the webmail client is on another host). # Space separated list of trusted network ranges. Connections from these # IPs are allowed to override their IP addresses and ports (for logging and # for authentication checks). disable_plaintext_auth is also ignored for # these networks. Typically you'd specify your IMAP proxy servers here. #login_trusted_networks = signature.asc (204 bytes) Download Attachment
	Re: selective disable_plaintext_auth by Mariano Absatz :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, Nov 10, 2009 at 19:44, Timo Sirainen <tss@...> wrote: > On Tue, 2009-11-10 at 17:41 -0300, Mariano Absatz wrote: >> Is there any way to allow plaintext_auth only for a small set of IP >> addresses (for what I see in the comment, this is automatic for local >> addresses, alas, the webmail client is on another host). > > # Space separated list of trusted network ranges. Connections from these > # IPs are allowed to override their IP addresses and ports (for logging and > # for authentication checks). disable_plaintext_auth is also ignored for > # these networks. Typically you'd specify your IMAP proxy servers here. > #login_trusted_networks = It seems my version is too old for this... I'm using the standard ubuntu server package (1.1.11-0ubuntu4.1 http://packages.ubuntu.com/jaunty-updates/dovecot-imapd), which seems to be 1.1.11 plus security patches... In what version did this feature appears? -- Mariano Absatz - El Baby www.clueless.com.ar
	Re: selective disable_plaintext_auth by Timo Sirainen :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Wed, 2009-11-11 at 02:16 -0300, Mariano Absatz wrote: > > #login_trusted_networks = > It seems my version is too old for this... I'm using the standard > ubuntu server package (1.1.11-0ubuntu4.1 > http://packages.ubuntu.com/jaunty-updates/dovecot-imapd), which seems > to be 1.1.11 plus security patches... > > In what version did this feature appears? Looks like it's only in v1.2. signature.asc (204 bytes) Download Attachment