Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: [suse-security] Squirrel-Webmail
  • From: Sven 'Darkman' Michels <sven@xxxxxxxxxx>
  • Date: Mon, 12 Aug 2002 11:11:06 +0200
  • Message-id: <3D577BAA.90106@xxxxxxxxxx>
Mario Ohnewald wrote:
Hello!
What do you think about Squirrelmail?
How secure is it?
I have it currently running on a mailserver-only Box.
Or should the question be, how secure is imap?! It will only be used
internal.

Put the squirrelmail behind an htaccess space on a https server
at first. If you want to check 'security' of squirrel, check
archives like bugtraq for bugreports/exploits/whatever ;)
If you use squirrel on the same server like the imapd runs,
you have to open imap only to localhost, not to the world, so
it should be protected from attacks from others.

HTH



< Previous Next >
References