[Dovecot] SSL / TLS
Charles Marcus
CMarcus at Media-Brokers.com
Thu Jul 9 18:41:44 EEST 2009
On 7/9/2009, Timo Sirainen (tss at iki.fi) wrote:
>> Forcing encrypted port (imaps) for everyone really doesn't add
>> anything in the way of overhead on modern systems, and I just don't
>> like the idea of unencrypted sessions, even on on 'trusted'
>> networks.
> That's a wrong way to think about it. imaps is a legacy port that
> should have died years ago. You can force encrypted sessions on imap
> port just by setting disable_plaintext_auth=yes (or even more
> strongly with ssl=required with v1.2+).
Hmmm... ok, I thought setting imaps was the easy way to both enable TLS
and set dovecot to listen on port 993...
So, does disable_plaintext_auth=yes automatically change the imap listen
port to 993, or would I then nees to also set 'ssl_listen: 993' (if so,
wouldn't that seeting be more appropriately named tls_listen? ;)?
Thanks Timo - I do prefer to use settings that are not (or not someday
going to be) deprecated...
--
Best regards,
Charles
More information about the dovecot
mailing list