[Dovecot] SSL / TLS
Timo Sirainen
tss at iki.fi
Thu Jul 9 19:43:39 EEST 2009
On Thu, 2009-07-09 at 12:07 -0400, Charles Marcus wrote:
> On 7/9/2009, Federico Nicolelli (federico.nicolelli at iscsi.it) wrote:
> >> So, does disable_plaintext_auth=yes automatically change the imap listen
> >> port to 993, or would I then nees to also set 'ssl_listen: 993' (if so,
> >> wouldn't that seeting be more appropriately named tls_listen? ;) ?
>
> > No it will only disable plaintext authentications over a unsecure channel.
> > so if you want to force SSL/TLS you should use ssl=required as Timo said.
>
> Ok, still a little confused...
>
> To do this 'right'...
>
> protocols = imap
> disable_plaintext_auth = yes
> ssl = required
>
> and just use the default standard imap port of 143?
Yeah. And sure you can keep imaps port open too.
If you have only auth { mechanisms = plain } enabled,
disable_plaintext_auth=yes and ssl=required does basically the same
thing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090709/a35a340c/attachment.bin
More information about the dovecot
mailing list