[Dovecot] Force STARTTLS on port 143 for !internalnetwork
Timo Sirainen
tss at iki.fi
Wed Feb 9 17:22:16 EET 2011
On 9.2.2011, at 17.13, Ralf Hildebrandt wrote:
> * Timo Sirainen <tss at iki.fi>:
>
>> I think that'll work, yes, but it has the additional feature of allowing clients from localnet to fake their IP address.
>
> Yes, I noticed this while reading the checkin message for the feature.
It's also mentioned in the example-config.
>> In v2.0 you can do:
>>
>> disable_plaintext_auth = yes
>> local 10.0.0.0/24 {
>> disable_plaintext_auth = no
>> }
>
> Can I also specify more than one subnet there?
You can add multiple local {} blocks. Uh. Actually, you want remote {}, not local {}.
More information about the dovecot
mailing list