[Dovecot] Upgraded dovecot - now it insists on imap TLS
Alan Brown
ajb2 at mssl.ucl.ac.uk
Mon Sep 13 17:36:35 EEST 2010
Marcus Rueckert wrote:
> > What am I missing?
> dovecot -n output would help.
It would, but I found/fixed the problem already.
I had to set the following:
protocol imap {
disable_plaintext_auth=no
}
The default has changed from "no" to "yes" between 1.1.20 and 2.0.1, but
the conversion routine didn't pick it up (the wiki Documentation
suggests the default is still "no". Perhaps this should be updated?)
This still requires TLS on port 993, so there's no additional hole opened.
Ironically, we published plans some time back to disable local-access
plaintext imap logins in October and have been warning users to change
their settings but 90% of them hadn't yet done so.
More information about the dovecot
mailing list