[Dovecot] Enforcing TLS
Giuliano Gavazzi
dev+lists at humph.com
Fri Jan 9 14:11:54 EET 2009
On T 6 Jan, 2009, at 14:59 , Ed Schouten wrote:
> My question: is there support to enforce TLS when people connect to
> non-SSL ports? If someone comes up with a solution, I'll add it to the
> SSL article on the Wiki.
>
> I'm using Dovecot 1.1.7, installed on a FreeBSD 6.4-STABLE system.
not sure I understand the question correctly, if I do then the answer
would be you cannot. If the client wants to speak plain it will. I do
not see why you would want to keep on listening on port 143 if you
want to enforce SSL, but if you really want to:
protocol imap {
listen = 127.0.0.1:143
ssl_listen = *:993 <interface-ip>:143
}
You can of course drop <interface-ip>:143.
Giuliano
More information about the dovecot
mailing list