'[SM-CVS] SF.net SVN: squirrelmail:[14963] trunk/imap_proxy/scripts/imapproxy.conf'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-cvs
Subject:    [SM-CVS] SF.net SVN: squirrelmail:[14963] trunk/imap_proxy/scripts/imapproxy.conf
From:       pdontthink--- via squirrelmail-cvs <squirrelmail-cvs () lists ! sourceforge ! net>
Date:       2022-05-24 1:56:22
Message-ID: 1653357382.260094.17086 () sfp-scm-3 ! v30 ! lw ! sourceforge ! com
[Download RAW message or body]

Revision: 14963
          http://sourceforge.net/p/squirrelmail/code/14963
Author:   pdontthink
Date:     2022-05-24 01:56:21 +0000 (Tue, 24 May 2022)
Log Message:
-----------
New configuration items for regular SASL AUTH PLAIN capability

Modified Paths:
--------------
    trunk/imap_proxy/scripts/imapproxy.conf

Modified: trunk/imap_proxy/scripts/imapproxy.conf
===================================================================
--- trunk/imap_proxy/scripts/imapproxy.conf	2022-05-24 01:55:24 UTC (rev 14962)
+++ trunk/imap_proxy/scripts/imapproxy.conf	2022-05-24 01:56:21 UTC (rev 14963)
@@ -222,8 +222,8 @@
 
 
 #
-## Set any of these to "yes" if the corresponding TLS version is not
-## sufficiently secure for your needs
+## Set any of these to "yes" if the corresponding TLS version
+## is not sufficiently secure for your needs
 #
 #tls_no_tlsv1 no
 #tls_no_tlsv1.1 no
@@ -232,17 +232,32 @@
 
 #
 ## Authenticate using SASL AUTHENTICATE PLAIN
+## (instead of the default IMAP LOGIN mechanism)
 ##
-## The following authentication username and password are used
-## along with the username from the client as the authorization
-## identity.  In order to avoid having the service wide open (no
-## password needed from the client), the client is required to
-## send the auth_shared_secret in leiu of a user password.
+## There are two ways this can be used:
 ##
+##    1) Send the username and password to the upstream
+##       server for a typical proxied login
+##
+##    2) Send a pre-configured authorization identity along
+##       with the client's authentication identity (username)
+##
+## For the typical (1) usage, uncomment and make sure
+## auth_sasl_mech is set to "plain"
+##
+## To use a static authorization identity (2), set
+## auth_sasl_plain_username and auth_sasl_plain_password
+## with the needed credentials and enter a shared secret
+## in auth_shared_secret which is required so that the service
+## is not wide open: the client must still provide this secret
+## in leiu of a user password.
+##
 ## NOTE: This functionality *assumes* that the server supports
 ##       AUTHENTICATE PLAIN, and it does *not* verify this by
 ##       looking at the server's capabilities list.
 #
+#auth_sasl_mech plain
+#
 #auth_sasl_plain_username
 #auth_sasl_plain_password
 #auth_shared_secret
@@ -266,5 +281,5 @@
 ## Default if unset is AF_UNSPEC for both A and AAAA.
 #
 #ipversion_only 6
- 
 
+

This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.



-----
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): \
                https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic