[Dovecot] TLS Authentication Confusion

Carlos Mennens carloswill at gmail.com
Thu Nov 10 21:17:15 EET 2011


I asked a user today to make sure his incoming and outgoing email was
using TLS. He told me it wasn't possible because my Dovecot / Postfix
daemons were only listening on TCP 25 & 143 according to a port scan
he did. He told me the only way I could enable encrypted secure
sessions between the client & server is to enable port 993 (IMAPs). I
told him that TLS is supported on my mail server over the default
ports TCP 25 / 143 and that many consider IMAPs to be legacy. I sent
him a telnet session of my PC communicating with my server & it shows
TLS is available. I just wanted to be sure I was correct with the
information above or am I completely wrong and I do indeed need TCP
port 993?

I know this is the Dovecot mailing list but since Dovecot and Postfix
both use and support TLS in their configuration files, I figured I
would ask here for your help!

carloss at pc1:~$ telnet mail.holyghost.org 25
Trying 192.168.4.100...
Connected to mail.holyghost.org.
Escape character is '^]'.
220 mail.holyghost.org ESMTP Postfix
EHLO pc1.holyghost.org
250-mail.holyghost.org
250-PIPELINING
250-SIZE 20480000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Below is a snip from my mail logs showing TLS:

Nov  9 10:26:39 mail dovecot: imap-login: Login: user=<carlos>,
method=PLAIN, rip=::ffff:192.168.4.100, lip=::ffff:192.168.4.100, TLS

The above snip from my log means that I'm connecting to Dovecot via
TLS, correct?


More information about the dovecot mailing list