I had already posted
this on the german forums, but as suggested by BeNe I also make it public here.
After setting up 1.0RC2 and updating it to a more recent nighty, I have stumbled over some problems which might need changes in the future.
I already opened as a ticket are the
typos in postfix configs. Hey it is also been fixed already!
Next, courier-auth is sending DIGEST-MD5 and CRAM-MD5 for authentication. I think besides IMAP and POP3, also SMTP is affected (I didn't check if sasl is using courier or MySQL). Anyhow, MD5-based auth doesn't work without a computed hash. ISPCP user creation should be modded according to
this info. I personally prefer the generation of a userdb from MySQL as it realy speeds up mail server authentication, at least on my setup.
If MD5-based authentication works, we could kick out clear-text PASSWORD and LOGIN authentication on non-SSL connections, just to make sure a clear-text password is never being used.
Checking communication with several other public mail servers, I also had to find out that my self-signed certificate isn't accepted by some servers. Therefore mail is getting lost. I made it like Google and moved authentication completly to port 587. This said port 25 doesn't give AUTH or STARTTLS any more. 587 has to be used by every customer to send mail out, but it's working realy good. Perhaps it's an idea for 1.1.
Less on security, mailbox quotas aren't implemented per-user. Just like having an option to give every mailbox access to POP/IMAP and anti-virus/spam. I will check these and submit patches if I can.
Last, mail forwards are counted like mailboxes although they should be handled individually just like domain aliases.
Okay, that's it for some real long post.
Search
Member List
Calendar
Help
