Re: The book of postfix
- Noel Jones wrote:
>I think Cyrus-SASL has been very useful in proving out the value of
>>> > I personally have found the whole SASL thing to be so
>>> amazingly ugly
>>> > and generally "sucky" that I would love to request something
>>> > completely different.
>>> Same here...
> I feel the dovecot support in postfix 2.3 nicely handles incoming
> authentication. The dovecot authentication is very simple to setup and
> doesn't require that you use dovecot as your pop/imap server if you like
> something else better. Dovecot can be trivially configured to use
> system passwords or a text file (or *sql or ldap if that floats your
> boat. Or all simultaneously).
> Dovecot does not link into postfix (postfix just references a socket) so
> there is no network exposure of additional code.
> So I feel safe and simple server-side authentication is already available.
> I think there is a great need for simple client-side authentication so
> home users that must authenticate to a ISP's server don't have to go to
> the trouble of linking in and configuring cyrus. A flat-file solution
> (maybe a simple add-on program) for this would be a tremendous improvement.
AUTHENTICATION and can go a long ways to help the configuration of roaming users
(when combined with TLS). Considering the fact that 2007 expects to be a year
where notebook sales exceed desktops it shouldn't be a surprise if the need for
a simplified, yet robust, method of doing full end-to-end AUTH+TLS becomes a
greater need of email servers.
The value for AUTH+TLS isn't really something that can be argued anymore. But I
would hate to think that our only option is to try and tie in Cyrus-SASL on all
these servers. That, in my opinion, is a whole lot of ugly...