<<< Date Index >>>     <<< Thread Index >>>

Re: Mutt Next Generation



David Schweikert <dws@xxxxxxxxxx> wrote:
> Hi Thomas,
> 
> On Thu, Jan 27, 2005 at 22:01:04 +0100, Thomas Roessler wrote:
> > Simple: That way, you get the same functionality without additional
> > code in mutt.  Less code is better.
> 
> That's fair, but also consider the complexity of the configuration
> required for a user on a multi-user system to get SMTP-AUTH with the
> password being asked (only once possibly).

Complexity?  The user can install a trivial SMTP relay agent in ~/ that reads
~/.smtp for its configuration.  Again, less code, less complexity, same
functionality -- net win.

And who cares about the user's SMTP AUTH password being asked?  Put it in the
relay agent's control file, readable only by the user.  It's exactly the same
security -- only the user and root can read it, and root can already extract
it from the process's memory space if he wants to, so no change there.

> Are you storing the password in clear text somewhere? Does that work in
> a multi-user environment (where every user has different SMTP AUTH
> servers)?

Sure, it does.

Charles
-- 
-----------------------------------------------------------------------
Charles Cazabon                          <muttdev@xxxxxxxxxxxxxxxxxxxx>
-----------------------------------------------------------------------