martin@prodix.liu.se (Martin Wendel) (07/16/90)
I am interested in setting up mailbox servers on UNIX workstations/servers. I have looked at IMAP2 and it seems quite capable. However, after reading the docs on IMAP2 I learned that every mailbox must be connected to a defined user on one of the mailbox servers. I regard this as a security threat. It seems that IMAP2 was built to work on small sites consisting mainly of workstations and not on larger sites with servers, workstations and lots of small computers.

Is there anyone out there who has experience of mailbox servers in large sites (I am talking ten or more subnets and ten thousand mailboxes)?

Thanks in advance,
Martin.Wendel@UDAC.UU.SE
mrc@Tomobiki-Cho.CAC.Washington.EDU (Mark Crispin) (07/17/90)
In article <161@prodix.liu.se> martin@prodix.liu.se (Martin Wendel) writes:
>I am interested in setting up mailbox servers on UNIX
>workstations/servers. I have looked at IMAP2 and it
>seems quite capable. However, after reading the docs
>on IMAP2 I learned that every mailbox must be connected
>to a defined user on one of the mailbox servers. I regard
>this as a security threat. It seems that IMAP2 was built
>to work on small sites consisting mainly of workstations
>and not on larger sites with servers, workstations and
>lots of small computers.
>
>Is there anyone out there who has experience of mailbox
>servers in large sites (I am talking ten or more subnets
>and tenthousand mailboxes).

There is nothing in IMAP2 per se that requires that "every mailbox must be connected to a defined user on one of the mailbox servers." It is true that the current Unix IMAP2 server (and the DEC-20 one) implement access authentication as defined users on the server.

If by "security threat" you are worried about these credentials flowing on the network, the way you address this is Kerberos. There's no reason why Kerberizing IMAPware should be any more difficult than Kerberizing FTP (a solved problem).

If by "security threat" you are worried about people with mailboxes being able to log in on the server as a timesharing user, there is already a perfectly good mechanism to prevent this in Unix.

In any case, since the IMAP2 sources are available, there is no reason why you cannot implement your own authentication mechanism. Nothing in the protocol forces defined users; there are merely two authentication tokens commonly referred to as "user" and "password". Please contact me if you have any specific questions.

IMAP2 was specifically designed to scale in the way you suggest. It certainly scales for larger sites better than more traditional protocols. I use IMAP2 on 8 different servers, including a server in a foreign country.
--
Mark Crispin, 206 842-2385, R90/6 pilot, DoD#0105
6158 Lariat Loop NE, Bainbridge Island, WA, USA 98110-2098
"Foreigner! Foreigner!" "Where is the foreigner?" "Big brother is the foreigner." "Wrong. I'm not a foreigner. You're the foreigner, aren't you?" "No, I'm Japanese." "I see. A foreigner after all!" Heh, but if you go using something like UNIX, don't blame me when it doesn't work out.
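To make Mark's protocol point concrete (the LOGIN command carries only a "user" and a "password" token, and what the server does with them is the server's business), here is an added example that is not code from the thread, from the IMAP2 distribution, or from either poster. It is a toy session handler in the RFC 1064 command shape "tag LOGIN user password" (arguments as atoms or quoted strings) whose authenticator is injected: the one supplied here checks a constructed mailbox table that has no relation to the host's account database, so no mailbox owner needs a Unix login at all. The table contents, salt scheme, and the reply texts after OK/NO/BAD are this example's own choices, not anything the protocol fixes.

```python
"""Toy IMAP2-style LOGIN exchange with a pluggable authenticator.

Added illustration, not code from the thread or the IMAP2 distribution.
Command syntax follows the RFC 1064 shape 'tag LOGIN user password';
reply texts and the mailbox table are this example's own choices.
"""
import hashlib
import hmac
import re
from typing import Callable, Dict, List, Tuple

Authenticator = Callable[[str, str], bool]


def _digest(salt: str, password: str) -> str:
    return hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed mailbox table: name -> (salt, digest). Nothing here is a
# Unix account; the server consults only this table.
MAILBOX_TABLE: Dict[str, Tuple[str, str]] = {
    "martin": ("salt-1", _digest("salt-1", "correct horse")),
    "mrc": ("salt-2", _digest("salt-2", "tomobiki-cho")),
}


def table_authenticator(user: str, password: str) -> bool:
    """Check MAILBOX_TABLE with a constant-time compare; hash anyway for
    unknown names so timing does not reveal which mailboxes exist."""
    record = MAILBOX_TABLE.get(user)
    if record is None:
        _digest("dummy", password)
        return False
    salt, expected = record
    return hmac.compare_digest(expected, _digest(salt, password))


def tokenize(args: str) -> List[str]:
    """Split arguments into atoms and "quoted strings" (backslash escapes)."""
    tokens, i = [], 0
    while i < len(args):
        if args[i].isspace():
            i += 1
        elif args[i] == '"':
            j, buf = i + 1, []
            while j < len(args) and args[j] != '"':
                if args[j] == "\\" and j + 1 < len(args):
                    j += 1
                buf.append(args[j])
                j += 1
            if j >= len(args):
                raise ValueError("unterminated quoted string")
            tokens.append("".join(buf))
            i = j + 1
        else:
            j = i
            while j < len(args) and not args[j].isspace():
                j += 1
            tokens.append(args[i:j])
            i = j
    return tokens


class Imap2Session:
    """One client connection. Swapping the authenticator (a table here,
    Kerberos elsewhere) touches no protocol code."""

    _CMD = re.compile(r"^(\S+)\s+(\S+)(?:\s+(.*))?$")

    def __init__(self, authenticator: Authenticator) -> None:
        self.authenticate = authenticator
        self.user = None

    def handle(self, line: str) -> str:
        m = self._CMD.match(line.strip())
        if not m:
            return "* BAD Invalid command"
        tag, cmd, raw = m.group(1), m.group(2).upper(), m.group(3) or ""
        try:
            args = tokenize(raw)
        except ValueError as exc:
            return f"{tag} BAD {exc}"
        if cmd == "LOGIN":
            # The password arrives in the clear on the wire; that exposure
            # is what Kerberos-based authentication would remove.
            if len(args) != 2:
                return f"{tag} BAD LOGIN requires user and password"
            if self.authenticate(args[0], args[1]):
                self.user = args[0]
                return f"{tag} OK LOGIN completed"
            return f"{tag} NO LOGIN failed"
        if cmd == "LOGOUT":
            self.user = None
            return f"* BYE\r\n{tag} OK LOGOUT completed"
        if self.user is None:
            return f"{tag} NO Not authenticated"
        return f"{tag} BAD Unrecognized command"


def exchange(lines: List[str], auth: Authenticator = table_authenticator) -> List[Tuple[str, str]]:
    """Run a scripted client against a fresh session; returns (sent, reply) pairs."""
    session = Imap2Session(auth)
    return [(line, session.handle(line)) for line in lines]


if __name__ == "__main__":
    for sent, reply in exchange(["A001 SELECT INBOX", "A002 LOGIN martin wrong",
                                 'A003 LOGIN martin "correct horse"', "A004 LOGOUT"]):
        print("C:", sent, "\nS:", reply)
```

The authenticator callable is the whole extension point: a site with ten thousand mailboxes can back it with a database keyed on mailbox name, and the host's passwd file is never consulted, which is the separation Martin was asking for. The in-line comment on LOGIN is the other half of Mark's reply: with a table or with passwd, the password still crosses the network in clear text, and only a Kerberos-style exchange changes that.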