On Thu, Jan 29, 2004 at 01:36:49PM +0000, MJ Ray wrote:
On 2004-01-29 12:33:35 +0000 Chris Green chris@areti.co.uk wrote:
Why is it that so many of them use IMAP as the source of the mail they allow you to access?
[snip]
WebMail really wins when you want to be a little paranoid and only open your IMAP server to the places that you know you want access from. A misconfigured/badly written IMAP server will let you send passwords over the net as clear text, and give an attacker full read-write access to all your files. I've seen it done. At least if you only allow IMAP access to your local network and the webmail server, it limits the potential for damage.
Yes, that's what one host that I use does, only allows IMAP access from local host and runs IMP (Horde) for WebMail. Unfortunately that's not the host where I keep the bulk of my E-Mail.
If you want a WebMail that does other tricks, you probably will have to look harder to scratch that rarer itch. Please keep your review notes as you go along and publish them afterwards, to save those that follow from repeating your work. You might even get helpful suggestions after you first publish those notes.
I'll keep looking, there are a few WebMail servers that run from a maildir hierachy (mostly NeoMail and its descendents) but I'd really prefer mbox. Even with its weaknesses mbox is just so much more convenient to get at with standard Unix tools. Since I'm the only user locking is unlikely to be a problem.