After talking to some people about APOP using the PINE IMAP/POP2/POP3
server I discovered that I had an incredibly stupid bug in my
qmsptd script where anyone that could read the password file on the
server could "break in" and get someone else's mail.
This has now been fixed. I extended the /var/qmail/control/passwords
file that I had already been using to include the Maildir of the
outgoing mail and not get the information from the /etc/passwd file.
So now everything is self-contained in the /var/qmail/control/passwords
file which can be protected from prying eyes.
The new version is 1.7 and can be found at:
ftp://summersoft.fay.ar.us/pub/qmail/qmail-smtp-1.7.tar.gz
This is "e-mail ware"...if you like it, send me some e-mail.
The previous versions have been downloaded a lot more than I expected
(people must at least be looking at it! :-) but I haven't gotten
any reports of people using it. Maybe they don't like it? :-)
*** RUSS NELSON: Please change the version to 1.7 in your www.qmail.org
web page.
Thanks!
P.S. - By tomorrow or the next day I should have a "secure" version
of the Pine IMAP/POP2/POP3 server that uses APOP with the POP3 protocol.
--
David Wayne Summers "Linux: The choice of a GNU
generation."
david@summersoft.fay.ar.us PGP Public Key available on
request.
PGP Key fingerprint = C0 E0 4F 50 DD A9 B6 2B 60 A1 31 7E D2 28 6D A8
server I discovered that I had an incredibly stupid bug in my
qmsptd script where anyone that could read the password file on the
server could "break in" and get someone else's mail.
This has now been fixed. I extended the /var/qmail/control/passwords
file that I had already been using to include the Maildir of the
outgoing mail and not get the information from the /etc/passwd file.
So now everything is self-contained in the /var/qmail/control/passwords
file which can be protected from prying eyes.
The new version is 1.7 and can be found at:
ftp://summersoft.fay.ar.us/pub/qmail/qmail-smtp-1.7.tar.gz
This is "e-mail ware"...if you like it, send me some e-mail.
The previous versions have been downloaded a lot more than I expected
(people must at least be looking at it! :-) but I haven't gotten
any reports of people using it. Maybe they don't like it? :-)
*** RUSS NELSON: Please change the version to 1.7 in your www.qmail.org
web page.
Thanks!
P.S. - By tomorrow or the next day I should have a "secure" version
of the Pine IMAP/POP2/POP3 server that uses APOP with the POP3 protocol.
--
David Wayne Summers "Linux: The choice of a GNU
generation."
david@summersoft.fay.ar.us PGP Public Key available on
request.
PGP Key fingerprint = C0 E0 4F 50 DD A9 B6 2B 60 A1 31 7E D2 28 6D A8