Re: [evolution-patches] [PATCH] IMAP preauth and subcommand connection.

[David Woodhouse <dwmw2 infradead org>]

On Thu, 2003-06-26 at 20:21, Ettore Perazzoli wrote:
> On Thu, 2003-06-26 at 13:05, David Woodhouse wrote:
> > It's possible to get at an IMAP server by 'ssh $MAILHOST imapd', and in
> > fact some servers that's the _only_ way to get at them... 
> 
> Is this actually a common setup?

I can only speak for situations I've encountered, for which the answer
is 'yes'. 

It's an option which pine supports by default, and it lets users get at
IMAP servers on hosts which aren't primarily mail servers hence don't
have IMAP daemons listening, lets users user _different_ IMAP servers to
those which are listening on the standard ports, and lets users use IMAP
servers on machines behind firewalls which only SSH knows how to get
through, etc. 

The one you see in the screenshot below, for example, is connecting to a
host within my employer's private network because ssh has a ProxyCommand
setting 'ssh bastionhost exec nc %h %p', and running courier-imap on
that host even though that mail box has wu-imapd listening on port 143.

> I am not opposed to the feature, but I worry about the IMAP
> configuration page getting even more complicated than it already is... 
> The setting should be exposed to the user in a way that s/he can
> understand.

See http://www.infradead.org/~dwmw2/evo-shot.jpeg -- I don't think it's
too confusing.

> Also, does this rely on ssh-askpass to fetch the password?

ssh-askpass or ssh-agent or shosts or passphrase-less keys.... yes. Or
maybe you could be using rsh or krsh or some kind of socks client, or
just running 'imapd' locally, or.....

The _default_ command if you enable the option, IIRC, is
	ssh -C -l $URLUSER $URLHOST exec imapd

-- 
dwmw2