identify 143 vs 993 clients
mj
lists at merit.unu.edu
Tue May 26 10:21:23 EEST 2020
Hi,
On 25/05/2020 23:04, Voytek wrote:
> jumping here with a question, if I use 143 with STARTTLS, and, force
> TLS/SSL in configuration, that's equivalent from security POV, isn't
> it? and, same for 110 STARTTLS? Or am I missing something?
Interesting point, after some googling, I think you are right, and as
long as we have set "disable_plaintext_auth = yes" (and we have that) we
should be fine keeping 143 open. Right?
One doubt I had: "disable_plaintext_auth = yes" sounds as if only the
authentication part is secured, and the rest is kept plain text, whereas
with 993/SSL, *everything* would be encrypted?
Or am I missing something? (then perhaps someone can point it out?)
Thanks,
MJ
More information about the dovecot
mailing list