Hi,
I know configuring all this isn't so easy. In fact it's almost a lack of
documentation, I think.
Once it's compiled and configured it work preatty fine, and then you
have all features enabled for future uses or modifications (especialy
about cryptography and security).
Maybe most users should compile sorftware by themselves nstead of using
pre-compiles binary packages (rpm and pkg stuff.... (use ports instead
if you can :))
Please, don't just see what you need, but how it should be done (because
you almost never do it the best way), and how you can do it to it's best
actually. Keep in mind you can have to change something at anytime !
Even if sasl is one more layer, it have some features that pam itself
can't handle or offer.
Cheers,
Prune
David Wright wrote:
>
>
>> BTW, what is the fastest route?
>> imap -> sasl -> pam-ldap -> ldap server
>> imap -> sasl -> ldap server
>
>
> The fastest route to me seems to be:
>
> imap -> pam_ldap -> ldap sever
>
> Can we PLEASE produce a version of cyrus-imap imap WITHOUT SASL? PAM
> may be a smidgeon less flexible, but it is simplier, more widely used
> and supports many more authentication methods. Eliminating SASL might
> make life harder for the (guestimated) 10% of cyrus-imap sites that
> really use it, but it would make life immeasurably easier for the
> remaining 90% who spend countless hours just trying to circumvent it!
>
> Seriously, can someone who knows the code comment on how difficult it
> would be to replace SASL with another mechanism?
>
