12 Aug
2002
12 Aug
'02
09:11
Mario Ohnewald wrote:
Hello! What do you think about Squirrelmail? How secure is it? I have it currently running on a mailserver-only Box. Or should the question be, how secure is imap?! It will only be used internal.
Put the squirrelmail behind an htaccess space on a https server at first. If you want to check 'security' of squirrel, check archives like bugtraq for bugreports/exploits/whatever ;) If you use squirrel on the same server like the imapd runs, you have to open imap only to localhost, not to the world, so it should be protected from attacks from others. HTH