Well, so far in this little project I’ve gotten Thunderbird to successfully load contacts from my OpenLDAP server. I’ve also got it working over SSL so that all transmissions are encrypted.

My current issue: anyone can query the database of contacts!

Yip, that means when I put your address into my address book through LDAP, everyone else in the world can query my address book and get your information.

This was not what I was intending, so I’m investigating authentication with LDAP in an effort to figure out how to get Thunderbird (or any mail client, for that matter) to authenticate before just handing over the goods. I don’t think my friends would appreciate being spammed due to my inability to lock down my contacts database.

Currently I realize that I must put the authentication information into the directory that LDAP maintains, but I’m uncertain as to how to tell LDAP to use those entries for authentication. I know how to make it a general authentication server, but I don’t really want that either. Or do I?

Any suggestions are welcome… I’m still doing the research and playing around.