On Wed, 16 Sep 1998, Doug S wrote:
> In the last two years, the UW pop/imap package got hit twice - but
> fixes were promptly released. This is the code I'm using (partly
...
> If you *just* want POP, the Qualcomm qpopper is well thought-of. It
> had a recent security hit too, but that was promptly fixed.
Qpopper has been hit before, although minor. It used to allow
unlimited, unlogged login attempts. Very easy to setup a brute-force
system.
Anyhow, no exploits have been found in Cyrus imapd/popd server. Cyrus
is also tons faster than Qpopper (standard UNIX mailbox format is terrible
for large messages).
> --
> Doug S. (doug@???) (http://cc.ysu.edu/~doug/)
>
> If you get hung up on what you did wrong, you're never gonna get anywhere.
> -- Kenneth Copeland
Tom
--
*** Exim information can be found at
http://www.exim.org/ ***
