Authentication

One of the appeals of UW IMAP is its flexibility with regard to authentication and mailbox format schemes. Here’s a brief overview of some of the more common areas of concern with UW authentication.

Disabling Plaintext Passwords

It’s possible to disable plaintext passwords before they disable you. Doing so involves rebuilding the server with an alternate authentication method and the password type set to nul:

%make lnx EXTRAAUTHENTICATORS=gss PASSWDTYPE=nul

At least one EXTRAAUTHENTICATOR (gss, in the previous example) must be specified, or the server will have no mechanism for users to log in.

Enabling Anonymous Login

Anonymous IMAP login is disabled by default. To enable anonymous login, create an empty file called /etc/anonymous.newsgroups. Note that anonymous user access is limited to mailboxes in the News (#news/  ), FTP (#ftp/  ), and Public (#public/  ) namespaces.

Using PAM for Plaintext Passwords

UW includes a port for Linux distributions that include support for PAM (Pluggable Authentication Modules). If your Linux distribution supports PAM, then rebuild the UW server with the Linux-PAM (lnp) port:

%make lnp

Solaris systems prior to Solaris 8 have PAM implementations that vary slightly from the Linux PAM implementation. To support plaintext passwords with PAM, Solaris sites should rebuild UW as follows:

%make clean
% make sol PASSWDTYPE=pmb

Other systems should build with PASSWDTYPE=pam:

%make 
                  systemtype
                   PASSWDTYPE=pam

System types are too numerous ...

Get Managing IMAP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial