John Peacock wrote:
> Brian Szymanski wrote:
>> I want to restrict my auth handlers for plain and login to secure (SSL
>> or TLS) connections, so that CRAM-MD5 is the only one that can be used
>> with plaintext.
>
> The recommended way to deal with that is to run branches/0.3x and use the file
> config/tls_before_auth config, which (if 0), only displays AUTH *after* tls has
> been enabled. Then you can support whatever AUTH mechanisms you like, in
> perfect safety. The majority of modern MUA's support TLS, so this shouldn't be
> a stretch.

Shouldn't that be if config/tls_before_auth != 0 then it displays AUTH
only after STARTTLS?

Regards

James Turnbull

--
James Turnbull <[EMAIL PROTECTED]>
---
Author of Pro Nagios 2.0
(http://www.amazon.com/gp/product/1590596099/)

Hardening Linux
(http://www.amazon.com/gp/product/1590594444/)
---
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)
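
Since the thread leaves open which value of config/tls_before_auth hides AUTH, the setting can be confirmed from the server's behaviour rather than from the file. The following is an added example, not part of the thread or of qpsmtpd: it parses an EHLO reply captured before STARTTLS and reports whether PLAIN or LOGIN is advertised on the cleartext session. The function names, hostnames and sample replies are constructed for illustration.

```python
import re

# Mechanisms that put the password on the wire in recoverable form.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_ehlo(response):
    """Parse a multi-line 250 EHLO reply into {KEYWORD: [PARAMS]}."""
    caps = {}
    for line in response.strip().splitlines()[1:]:  # line 1 is the greeting
        line = line.strip()
        if not re.match(r"^250[- ]", line):
            continue
        # Split on spaces and '=' so the legacy "AUTH=PLAIN LOGIN" form parses too.
        tokens = [t.upper() for t in re.split(r"[ =]+", line[4:].strip()) if t]
        if tokens:
            caps.setdefault(tokens[0], []).extend(tokens[1:])
    return caps

def audit_cleartext_ehlo(response):
    """Return findings for an EHLO reply captured before STARTTLS."""
    caps = parse_ehlo(response)
    findings = []
    exposed = sorted(PLAINTEXT_MECHS & set(caps.get("AUTH", [])))
    if exposed:
        findings.append("cleartext session advertises " + ", ".join(exposed))
    if "AUTH" in caps and "STARTTLS" not in caps:
        findings.append("AUTH offered but STARTTLS is not")
    return findings

# Constructed sample replies (not captured from a real server).
GREETING = "250-mail.example.test Hi client\r\n250-PIPELINING\r\n"
HIDDEN = GREETING + "250 STARTTLS"                         # AUTH shown only after TLS
CRAM_ONLY = GREETING + "250-STARTTLS\r\n250 AUTH CRAM-MD5"  # what Brian asked for
EXPOSED = GREETING + ("250-STARTTLS\r\n250-AUTH PLAIN LOGIN CRAM-MD5\r\n"
                      "250 AUTH=PLAIN LOGIN CRAM-MD5")
NO_TLS = GREETING + "250 AUTH CRAM-MD5"

if __name__ == "__main__":
    for name, reply in [("hidden", HIDDEN), ("cram-only", CRAM_ONLY),
                        ("exposed", EXPOSED), ("no-tls", NO_TLS)]:
        print(name, audit_cleartext_ehlo(reply) or "ok")
```

This inspects advertisement only; whether the server also rejects an unadvertised AUTH PLAIN or AUTH LOGIN command on a cleartext session has to be tested separately.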
