[Dspam-user] User verify via LDAP w/ bind credentials?
Brought to you by:
paulcockings,
sbajic
From: Holger L. <lis...@li...> - 2009-09-16 17:18:26
|
Hi. My DSPAM runs now on the new system too. Many thanks to the guys maintaining packages.kirya.net! I used the server switch to modify and improve some configs and "administrative concepts". One of the planned changes is denying the anonymous / unbind read access to the LDAP directory. It might be a kind of paranoia setting, but it will increase system security a bit more. Checking the configs, documentations and the code of DSPAM I recognize that DSPAM does not support LDAP binding. It just requires a world-readable LDAP directory. This is possible, it is the default setting in OpenLDAP. But by using e.g. Active Directory this can be more problematic. My question is, is there a plan to improve the LDAP functions of DSPAM? Is this problem known? As the LDAP is not really much documented, can I help by testing and / or documenting? Best regards, Holger |