https://bugzilla.novell.com/show_bug.cgi?id=847989 https://bugzilla.novell.com/show_bug.cgi?id=847989#c3 --- Comment #3 from Reinhard Max <max@suse.com> 2013-11-05 09:38:24 CET --- (In reply to comment #2)
I also checked ~/.pinepw contents for the security concern you brought up. The password is encrypted and therefore secure enough for my tiny installation in the sense that it isn't plain text.
Yes, it is not plain text, but not encrypted either, only obfuscated. Your users could obtain the plain text password by reproducing the (de)obfuscation algorithm that is contained in the alpine sources, or by grabbing it from alpine's memory with a debugger. If that's still good enough for you, that's fine, but I wanted you to be aware of the fact.
I originally started with Postfix local SMTP transport as you suggest and ran into not being able to prevent some very determined spammers from forwarding / reflecting their material through my Postfix installation.
You mean your Postfix setup ended up being an open relay (external spammers were able to send emails to external recipients)? If so, that surprises me, because Postfix was specifically designed to not allow this by default and you would have to go a long way to configure it as an open relay. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.