Ramya Krishnan wrote:
Michael Loftis wrote:
-nodes IIRC
--On December 15, 2005 12:43:53 PM +0530 Ramya Krishnan
<[EMAIL PROTECTED]> wrote:
Ken Murchison wrote:
Because the frontends proxy as the user to the backend, the IMAP LOGIN
command can not be used. The only plaintext SASL mechanism that can be
used is PLAIN, but you can't use it unless protected by TLS. Looking at
the CAPABILITY output above, it doesn't look like you've configured TLS.
You might also be able to fake this by running imapd on the backends
with
the '-p 2' option.
1. I have 2 backend servers and one proxy-cum/mupdate server. The
password comes as clear text over the network (unsafe) to proxy. Then I
am forced to use TLS between the backend and frontend servers... This
network is safe and i dun want the overhead of ssl... Is there a way to
overcome this
Do I have to use TLS for communication between the front-end and backend
servers??
You have to use a SASL mechanism which allows proxy authentication
(PLAIN, DIGEST-MD5, KERBEROS).
How can your frontend/backend network be considered safe, when you have
to allow clients to be able to access backends directly (for referrals)?
--
Kenneth Murchison
Systems Programmer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
