[Dovecot] Enforcing TLS

Ed Schouten ed at 80386.nl
Tue Jan 6 15:59:38 EET 2009


Hello all,

I've happily been using Dovecot for a couple of years now, but only a
couple of days ago I configured it to speak both TLS and SSL for both
POP3 and IMAP. Ideally I want users to use TLS, but I've enabled SSL,
because some mailers (at least Apple Mail on OS X Tiger) don't support
TLS.

Right now I'm in sort of a transitional phase, where I'm asking users to
enable TLS in their email clients, if not enabled already. After a
couple of weeks/months I want to disable any (non-local) connections
that don't use TLS or SSL.

I already asked on IRC whether this was possible, because I was unable
to find this on the Wiki. It turns out there is a configuration switch
called `disable_plaintext_auth', but looking at the description this
only prevents people from using plain-text username/password
authentication. It does not actually enforce TLS or SSL.

My question: is there support to enforce TLS when people connect to
non-SSL ports? If someone comes up with a solution, I'll add it to the
SSL article on the Wiki.

I'm using Dovecot 1.1.7, installed on a FreeBSD 6.4-STABLE system.

Thanks!

-- 
 Ed Schouten <ed at 80386.nl>
 WWW: http://80386.nl/
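
The distinction drawn in the message above, between blocking plaintext authentication and actually requiring TLS, can be checked from what an IMAP server advertises before STARTTLS. This is an added example, not part of the original post and not Dovecot code; the function names and the sample capability lines are constructed for illustration, and the capability atoms (STARTTLS, LOGINDISABLED, AUTH=) are those defined by RFC 3501.

```python
import re

# SASL mechanisms that put the password itself on the wire.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_capabilities(line):
    """Return the upper-cased capability atoms found in an IMAP greeting
    ("* OK [CAPABILITY ...] text") or an untagged "* CAPABILITY ..." line."""
    m = re.search(r"\bCAPABILITY\s+([^\]\r\n]+)", line, re.IGNORECASE)
    return {atom.upper() for atom in m.group(1).split()} if m else set()

def assess_pre_tls(line):
    """Classify what a client is offered on a connection that has not
    negotiated TLS yet. Judged from the advertisement only."""
    caps = parse_capabilities(line)
    mechs = {c[5:] for c in caps if c.startswith("AUTH=")}
    login_cmd_allowed = "LOGINDISABLED" not in caps
    return {
        # The server offers the upgrade to TLS.
        "starttls_offered": "STARTTLS" in caps,
        # A password could cross the network unencrypted.
        "password_in_clear": login_cmd_allowed or bool(mechs & PLAINTEXT_MECHS),
        # Some login path exists without TLS, so the mail session itself
        # can still run unencrypted even if the password is protected.
        "auth_without_tls": login_cmd_allowed or bool(mechs),
    }

# Constructed sample lines (not captured from a real server).
SAMPLES = {
    "plaintext auth allowed":
        "* OK [CAPABILITY IMAP4rev1 STARTTLS AUTH=PLAIN] ready.",
    "plaintext auth blocked, challenge-response still offered":
        "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED AUTH=CRAM-MD5] ready.",
    "no login path advertised before STARTTLS":
        "* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED",
}

if __name__ == "__main__":
    for label, line in SAMPLES.items():
        print(f"{label}: {assess_pre_tls(line)}")
```

Only the third case matches the goal of refusing non-TLS sessions; the second shows a server that protects the password but still accepts an unencrypted session.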