From: Miloslav T. <mi...@re...> - 2007-01-31 18:27:31
Matthias Andree wrote:
> Perhaps I'm paranoid, but I would like to make sure that this KPOP PASS
> %s can only ever send a fake password rather than the real one.
> I'm assuming here that the KPOP stuff relies on a Kerberos ticket the
> user has authenticated for separately, for instance, with kinit.
>
> Questions:
> 1. Is my assumption above correct?

The only KPOP server I could find is cyrus-imapd, which completely ignores the password submitted with PASS. I wasn't able to find any specification of KPOP, so I don't know for sure. I can imagine a server that requires both Kerberos authentication and the correct password.

> 2. Can we send "PASS password" or "PASS secret" or "PASS
> using-kerberos-ticket-instead" literally, without falling back to the
> ->password field, in case the user accidentally configures it or leaves
> it in after switching to Kerberized POP?

See 1.

> 3. Could someone arrange a login and mail address for me on a KPOP server
> so I can test? As far as I understand, KPOP implies POP3 on port 1109
> with out-of-band Kerberos IV authentication. (or perhaps Krb. V).

I'm afraid I don't have a permanently running computer available on which I could set this up.

Mirek