X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=doc%2Fauthentication.txt;h=d58e389548c5d839d2fb16a0c2b6b02d408e904f;hb=eaf1a31286fb9fc096ab235dd187f4bc8a3be571;hp=48d46a83bacdc98f1489afb760716aa50b1a983c;hpb=639c716482e432f35b6f8e3aeb4802562a3824c1;p=squirrelmail.git diff --git a/doc/authentication.txt b/doc/authentication.txt index 48d46a83..d58e3895 100644 --- a/doc/authentication.txt +++ b/doc/authentication.txt @@ -1,7 +1,7 @@ ********************************************** IMAP AND SMTP AUTHENTICATION WITH SQUIRRELMAIL -Preliminary documentation - 6 Dec 2002 -Chris Hilts chilts@birdbrained.org +$Id$ +Chris Hilts tassium@squirrelmail.org ********************************************** Prior to SquirrelMail 1.3.3, only plaintext logins for IMAP and SMTP were @@ -12,6 +12,11 @@ SMTP. TLS is able to be enabled on a per-service basis as well. Unless the administrator changes the authentication methods, SquirrelMail will default to the "classic" plaintext methods, without TLS. +Note: There is no point in using TLS if your IMAP server is localhost. You need +root to sniff the loopback interface, and if you don't trust root, or an attacker +already has root, the game is over. You've got a lot more to worry about beyond +having the loopback interface sniffed. + REQUIREMENTS ------------ @@ -23,7 +28,7 @@ CRAM/DIGEST-MD5 TLS * SquirrelMail 1.3.3 or higher -* PHP 4.3.0 or higher +* PHP 4.3.0 or higher (Check Release Notes for PHP 4.3.x information) * The "STARTTLS" command is NOT supported. The server you wish to use TLS on must have a dedicated port listening for TLS connections. (ie. port 993 for IMAP, 465 for SMTP) @@ -33,6 +38,14 @@ CONFIGURATION All configuration is done using conf.pl, under main menu option #2. +conf.pl can now attempt to detect which mechanisms your servers support. +You must have set the host and port before attempting to detect, or you +may get inaccurate results, or a long wait while the connection times out. + +If you get results that you know are wrong when you use auto-detection, I +need to know about it. Please send me the results you got, the results you +expected, and server type, name, and version (eg. "imap, Cyrus, v2.1.9"). + KNOWN ISSUES ------------