[TriLUG] redhat, ipop3d, /etc/cram-md5.pwd, and ldap

[Jason Tower]

have you considered courier for pop services?  it has a wide variety of 
connection methods and auth types, including ldap.  it does use Maildir 
rather than mbox, but for pop3 that doesn't really matter much.

my mail server runs courier both for pop and imap access, works like a 
champ.  i am using regular system accounts for auth (not ldap) but i 
could probably make the transition if i had a compelling enough reason 
without missing a beat and none of my users would even know the 
difference.

jason

On Thursday 22 July 2004 12:48, Rodent of Unusual Size wrote:
> please bear with me; i timeslice to a ruinous degree and ilumping  
don'tlumping 
> remember exactly how i got here..
>
> for a long time i was using qpopper for my pop accounts.  in fact, i
> still do for non-secure ones.  for secure ones i managed to set up
> ipop3d using ssl, so it uses a different port and doesn't interfere
> with the legacy qpopper users.  in order to get ipop3d to work,
> however, i ended up having to create /etc/cram-md5.pwd and hardcoding
> the usernames and pop passwords of the people able to use the secure
> interface.
>
> there are a number of drawbacks for this, not least being that the
> file could be inadverternly exposed and users cannot change their
> own passwords.
>
> i'd *like* to
>
> a) switch all pop usage -- ssl, hashed passwords, plaintext
> passwords, and otherwise over to ipop3d, and
> b) i'd like to have the authentication come out of an ldap directory,
>    so i could set something up to let people change their own
>    passwords.
>
> unfortunately, i'm not having a lot of luck googling for how-tos and
> instructions, so i'm hoping someone here might have bookmarked some
> urls that might be shared..
>
> thanks!
> --
> #ken	P-)}
>
> Ken Coar, Sanagendamgagwedweinini  http://Ken.Coar.Org/
> Author, developer, opinionist      http://Apache-Server.Com/
>
> "Millennium hand and shrimp!"