Hello all,
I've happily been using Dovecot for a couple of years now, but only a couple of days ago I configured it to speak both TLS and SSL for both POP3 and IMAP. Ideally I want users to use TLS, but I've enabled SSL, because some mailers (at least Apple Mail on OS X Tiger) don't support TLS.
Right now I'm in sort of a transitional phase, where I'm asking users to enable TLS in their email clients, if not enabled already. After a couple of weeks/months I want to disable any (non-local) connections that don't use TLS or SSL.
I already asked on IRC whether this was possible, because I was unable to find this on the Wiki. It turns out there is a configuration switch called `disable_plaintext_auth', but looking at the description this only prevents people from using plain-text username/password authentication. It does not actually enforce TLS or SSL.
My question: is there support to enforce TLS when people connect to non-SSL ports? If someone comes up with a solution, I'll add it to the SSL article on the Wiki.
I'm using Dovecot 1.1.7, installed on a FreeBSD 6.4-STABLE system.
Thanks!
-- Ed Schouten ed@80386.nl WWW: http://80386.nl/