Re: Is having an "open" ldap database a good idea ?

[Raj Kunjithapadam <rajk@home.com>]

Dustin Sallings wrote:

> On Fri, 4 Feb 2000, John P. Looney wrote:
>
> #  Do commerical spammers see LDAP databases as great big resources for
> # guaranteed "live" email addresses, or are they too difficult for them
> # to get one big list (I intend doing things like limiting max searches
> # to 10 results, etc.) ?
>
>         Spammers don't care where they get addresses, or, for the most
> part, whether they're valid or not.  If someone finds out about your LDAP
> server, you can guarantee they'll get a list of addresse out of it.
>
>         Do any MUAs support doing a proper binding to an LDAP server?

But your LDAP database can be completely locked by disabling anonymous
operations.
Then with appropriate aci's you can also limit clients to particular ip's.
-Raj



>
>
> --
> dustin sallings                            The world is watching America,
> http://2852210114/~dustin/                 and America is watching TV.

begin:vcard 
n:Kunjithapadam;Raj
tel;cell:408-504-3254
tel;work:650-569-5733
x-mozilla-html:TRUE
org:@Home Network;Set Top Engineering
adr:;;4023 Budwing Terrace;Fremont;CA;94538;US
version:2.1
email;internet:rajk@home.com
title:Software Engineer
x-mozilla-cpt:;27456
fn:Raj Kunjithapadam
end:vcard