From: Konstantin R. <ic...@ph...> - 2001-07-13 14:54:08
|
Sur Fri, Jul 13, 2001 at 04:41:18PM +0200, Philippe Mingo skribis: > >From the mail_fetch-secure readme: > -------------------------------------------------------------------------= --- > In order to secure a little bit the system, pop3 passwords can be encrypt= ed. > The encryption key may be defined in to places. The first, and more secur= e, > is in the httpd configuration as an environmental variable called MF_TIT > only accessible from the squirrelmail directory. >=20 > the way you can do this from apache is adding the following directives to > httpd.conf (supposing that squirrelmail is located at /usr/local): >=20 > <Directory "/usr/local/squirrelmail"> > SetEnv MF_TIT "MailFetch 0.8 Secure for SquirrelMail 1.1.x" > </Directory> It should be important to note, that httpd.conf in this case shouldn't be= =20 readable by anyone except root. This is why vadmin uses an include-file=20 for the httpd.conf. --=20 0> Konstantin ("Icon") Riabitsev / ) Duke University Physics Sysadmin ~ www.phy.duke.edu/~icon/pubkey.asc |