[Kolab-devel] reason for unencrypted services beeing enabled per default
Gunnar Wrobel
wrobel at kolabsys.com
Thu Aug 26 18:01:52 CEST 2010
Hi,
Zitat von Silvan Marco Fin <silvan at kernelconcepts.de>:
> Hi!
>
> Is there a particular reason, why the kolab services (imap, smtp,
> http, ldap) are configured to accept unencrypted connections per
> default? In case of smtp, the situation is clearly a bit more
> complicated, but postfix can be tweaked, to accept either unencrypted
> and unauthenticated connections (relaying or SMTP host) or only
> encrypted and authenticated (for kolab users). For the other services I
> can't think of a reason, why they should accept incoming connections in
> unencrypted form after the default installation.
I assume there were some good reasons in the past to choose the
defaults as we have them now. And one might have been "Outlook". But I
don't think this is something that is absolutely fixed and we can
always discuss and change it.
Maybe the more important point would be some good documentation at a
prominent place that highlights some important security measures.
Assuming that we choose a more secure default then we'd need to
document on how to open the system up. Either because some users are
unable to connect otherwise or because the server is in a special
network or whatever other reason I can't think of now.
Cheers,
Gunnar
>
> Kind regards,
> Silvan (silvan at kernelconcepts.de)
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
>
--
Gunnar Wrobel
Developer, Kolab Systems AG
e: wrobel at kolabsys.com
t: +49 700 6245 0000
w: http://www.kolabsys.com
pgp: 9703 43BE
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the devel
mailing list