[Dovecot] problem with disable_plaintext_auth

Hi,

I am using dovecot with postfix for authentication.

Everything (TLS/SSL, authentication) is working fine, except that when I set:

disable_plaintext_auth = yes

I still can authenticate with plain text on a no TLS/SSL session:

20 mail2.cs.ait.ac.th ESMTP Postfix (2.6.2)
EHLO [192.41.170.57]
250-mail2.cs.ait.ac.th
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN XXXX
235 2.7.0 Authentication successful

My dovecot configuration is:

# 1.1.16: /usr/local/etc/dovecot.conf
# OS: FreeBSD 7.2-RELEASE-p2 amd64  
base_dir: /var/run/dovecot/
protocols: none
ssl_listen: *
ssl_ca_file: /usr/local/ssl/ca/ait-itserv.crt
ssl_cert_file: /usr/local/ssl/crt/mail2.cs.ait.ac.th.crt
ssl_key_file: /usr/local/ssl/key/mail2.cs.ait.ac.th.key
ssl_cipher_list: ALL:!LOW:!SSLv2
login_dir: /var/run/dovecot/login
login_executable: /usr/local/libexec/dovecot/imap-login
login_chroot: no
login_greeting_capability: yes
verbose_proctitle: yes
first_valid_uid: 1000
first_valid_gid: 1000
mail_privileged_group: mail
mail_location: mbox:~/mail/:INBOX=/var/mail/%u
imap_client_workarounds: delay-newmail netscape-eoh tb-extra-mailbox-sep
auth default:
  mechanisms: plain login
  username_format: %Ln
  verbose: yes
  debug: yes
  passdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  passdb:
    driver: passwd
    args: blocking=yes
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384

Any help is welcome.

Best regards,

Olivier