[Dovecot] TLS Authentication Confusion

Dick Middleton dick at fouter.net
Thu Nov 10 21:28:55 EET 2011


On 11/10/11 19:17, Carlos Mennens wrote:
> I asked a user today to make sure his incoming and outgoing email was
> using TLS. He told me it wasn't possible because my Dovecot / Postfix
> daemons were only listening on TCP 25 & 143 according to a port scan
> he did. He told me the only way I could enable encrypted secure
> sessions between the client & server is to enable port 993 (IMAPs).

Yes you are right.  Port 993 is for IMAPS (SSH).  TLS is normally on the same
port as plain.

The difference between SSH and TLS is that with SSH the encryption is set up
before any application communication takes place.  i.e all application packets
are contained in the encrypted payload.  With TLS the application starts
communication and then the application sets up encryption of its payload.

Dick




More information about the dovecot mailing list