response 7 of 40:

Feb 5 14:39 UTC 2010

well.. it's a cool offer, but.. what if you install a nasty password 
logger and we get the law suits. Sue me, I'm a pauper (and long 
distance doesn't work all that great anyway) but *ahem* certain fat-
cats within range of the toasty flames.. aren't quite likely to err.. 
purr.. :p

Anyway, the hard part is not perl and the policyserver.. it's getting 
SASL to work with our password file. basically from what I could make 
of it, there's plain text SASL (sent over encrypted TLS/SSL) so the 
server(Postfix, saslauthd) sees your plain-text password.. and then it 
authenticates using PAM - it sounds very complicated.. too many daemons 
in-between for Daltenus to toy with, but it's secure.

the easy way is maintain a separate mail-passwd file that postfix can 
read.. but i'm not so keen on this.. the first method allows ppl to 
really use cyberspace for email from anywhere with bandwidth limiting 
quotas (size field is also sent).. but it looks scary.