[Dovecot] SSL / TLS
Federico Nicolelli
federico.nicolelli at iscsi.it
Thu Jul 9 18:35:01 EEST 2009
Timo Sirainen ha scritto:
> On Jul 9, 2009, at 11:15 AM, Charles Marcus wrote:
>
>> On 7/9/2009, Federico Nicolelli (federico.nicolelli at iscsi.it) wrote:
>>> Ok, so if you set
>>> "protocols = imap imaps"
>>
>> Personally, I never enable unencrypted imap port...
>>
>> Forcing encrypted port (imaps) for everyone really doesn't add anything
>> in the way of overhead on modern systems, and I just don't like the idea
>> of unencrypted sessions, even on on 'trusted' networks.
>
> That's a wrong way to think about it. imaps is a legacy port that should
> have died years ago. You can force encrypted sessions on imap port just
> by setting disable_plaintext_auth=yes (or even more strongly with
> ssl=required with v1.2+).
>
>
I guess that "disable_plaintext_auth=yes" means that you have to use
encryption algorithm to protect your authentication (like md5, sha1
ecc...) but is not related with the traffic encryption.
More information about the dovecot
mailing list