[tpop3d-discuss] New features ?
Chris Lightfoot
chris at ex-parrot.com
Tue, 3 Dec 2002 09:28:59 +0000
On Tue, Dec 03, 2002 at 01:07:52AM +0100, Jakob Hirsch wrote:
>
> Uh, I feel a little bad right now, because we're doing this since ages.
> And to make it more evil, the passwords are even written in mail-log:
>
> tpop3d[700]: auth_mysql_new_user_pass: [jakob!revolution.de;
> jakob@revolution.de] failed login with wrong password
> tpop3d[700]: auth_perl_new_user_pass: (perl code): jakob!revolution.de
> is not for oldpopuser_auth (wrong pass "test"?)
>
> It was rather unintentionally, when I migrated from our passwd-style
> authentication system with the obligation to allow the people to use
> their old user/pass, so I write some perl code to handle this. Logging
> wrong passwords was handy for debugging, so I kept it in.
Ah, as in
http://lists.beasts.org/pipermail/vmail-discuss/2001-May/000194.html
> I agree with you to let it out of the main distribution. It's simply not
> worth the code. And I see no reason why somebody would want to have them
> in a database.
Exactly. Obviously, anybody is entitled to add this
facility to tpop3d themselves....
--
``Do you think it's a little dangerous handing out guns in a bank?''
(Michael Moore, to teller in bank which gives out hand-guns to
customers opening new accounts)