Re: [exim] Why doesn't Exim authenticate against IMAP direct…

Top Page
Delete this message
Reply to this message
Author: Matthew Byng-Maddick
Date:  
To: exim-users
Subject: Re: [exim] Why doesn't Exim authenticate against IMAP directly?
On Mon, Aug 01, 2005 at 10:42:06AM -0700, Fred Viles wrote:
> On 1 Aug 2005 at 10:23, Marc Perkel wrote about
>     "Re: [exim] Why doesn't Exim authent":
> | What I'm thinking is to access port 143 directly. Do an IMAP login and 
> | if it succeeds then you disconect from imap and accept the email.
> FYI, it wouldn't work with CRAM-MD5 or other one-way-hash SASL 
> mechanisms.  The password would not be available for exim to pass to 
> the IMAP server.


There's no reason not to make Exim MITM properly in this situation. The
actual reason it's a Bad And Wrong idea is that it's much cheaper to do
the authentication steps than to set up a full IMAP login (which will,
by some necessity involve much more than just a bit of authentication).

The actual answer to the question in the subject of this thread, however,
is "because noone has yet needed to write it". The Cyrus-SASL support only
exists because I found myself needing it to be able to switch over from a
Postfix install to an Exim install in as transparent a way as possible.
There were things I couldn't do from within exim or with just the saslauth
daemon.

Cheers

MBM

-- 
Matthew Byng-Maddick          <mbm@???>           http://colondot.net/
                      (Please use this address to reply)