Preventing Plain Auth

6 Mar 2026


      Hi all,
https://doc.dovecot.org/2.4.2/core/summaries/settings.html , the
auth_allow_cleartext section, says "If no, disables the LOGIN command
and all other cleartext authentication unless SSL/TLS is used
(LOGINDISABLED capability) or the connection is secured (see ssl).
See SSL configuration for more detailed explanation of how this setting
interacts with the ssl setting.
This setting replaces the disable_plaintext_auth setting."
I put auth_allow_cleartext = no in my 2.4.2 dovecot.conf, but my
Claws-Mail client can still access it, even though there are no key
files. I tried putting this setting in several different places: Didn't
prevent plain access. I tried switching from 127.0.0.1 to 10.0.2.15,
same problem. The following is the output of my dovecot -n command:
=========================================
2.4.2 (0962ed2104): /etc/dovecot/dovecot.conf
OS: Linux 6.12.74_1 x86_64
Hostname: dovecotvoid
dovecot_config_version = 2.4.2
dovecot_storage_version = 2.4.2
listen = 10.0.2.15
log_path = /var/log/dovecot.log
mail_driver = maildir
mail_gid = vmail
mail_home = /home/slitt
mail_path = ~/mail/Maildir
mail_uid = vmail
protocols {
imap = yes
lmtp = no
pop3 = no
}
service imap {
inet_listener imap-login {
auth_allow_cleartext = no
}
}
namespace inbox {
inbox = yes
separator = /
}
passdb pam {
driver = pam
}
userdb passwd {
driver = passwd
}
How do I disable plain text authentication?
Thanks,
SteveT
Steve Litt
http://444domains.com