Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Điều này có nghĩa rằng nếu chúng ta có nhiều hơn một miền thư, chúng ta có thể chọn MIME mã hóa cho một và uuencode cho người khác. Các tab Connections (xem hình 9,4) | 388 Chapter 10 Sendmail and IMAP Security One possibility on some servers is to use an alternate authentication scheme such as CRAM-MD5 Challenge-Response Authentication Mechanism with encryption using the MD5 algorithm developed by Ronald Rivest or SASL Simple Authentication and Security Layer . On the server a typical authentication process accepts the password over the network from the client and then encrypts the password for comparison against the encrypted version it stores. With CRAM-MD5 or SASL authentication the client generates a checksum of the password that was entered and the checksum is sent over the network for comparison with a checksum generated on the server side. In this way no information that might compromise security is passed over the network. For more information about CRAM-MD5 see www.cis.ohio-state.edu htbin rfc rfc2195.html. For more information about the SASL protocol see www.cis.ohio-state.edu htbin rfc rfc2222.html. Another consideration is how authentication is managed on the server side. An IMAP server that uses standard UNIX authentication must run as root in order to access the UNIX password file. Most buffer overflow exploits that allow execution of root commands via a flaw in the server software take advantage of the server running as root. The buffer overflow condition tricks the system into executing a command outside the normal server operation. If a hacker can manage this trick on a server running as root they can pry open a virtual door to later gain unauthorized access to your system. A number of servers don t have to run as root because they use an alternate method of completing the authentication process on the server side. Cyrus IMAP for example supports an additional process just to check passwords called pwcheck . The password checking process runs as root but will talk only to authorized programs such as IMAP . It accepts the password and username from the IMAP server and then returns a message indicating whether the