[Dovecot] Encrypted IMAP only from Internet, unencrypted POP3
from internal network
Timo Sirainen
tss at iki.fi
Mon May 8 17:50:26 EEST 2006
On Mon, 2006-05-08 at 16:34 +0200, Rainer Frey wrote:
> Phew - good point. I just checked with a test installation and KMail an
> Thunderbird. KMAil and Thunderbird 1.0.8 both ask for CAPABILITY,
> Dovecot sends (among others) LOGINDISABLED, and both send a login
> command with cleartext password nontheless.
Reporting it as a kmail bug could be a good idea..
> Thunderbird 1.5 does not try this, it sends logout after it retrieves
> the LOGINDISABLED capability.
But then again Thunderbird 1.5 can't understand that after STARTTLS the
LOGINDISABLED capability isn't there anymore..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060508/8d97ed25/attachment.pgp
More information about the dovecot
mailing list