15 Jan
2009
15 Jan
'09
3:56 p.m.
Durk Strooisma wrote:
On 1/15/2009, Durk Strooisma (durk@kern.nl) wrote:
As far as I can see, this would only be possible when using imaps and disabling imap. However, I would like to have the other way around; disabling imaps and using imap for all communication (with enforced STARTTLS). Am I missing something? I've tried to enforce STARTTLS for any possible connection, to avoid using tunneling, but I couldn't find an option to do so.
First you need to disable any ssl_listen in the protocol section:
protocol imap { listen = *:143 # ssl_listen = *:993 } protocol pop3 { listen = *:110 # ssl_listen = *:995 }
Then set: disable_plaintext_auth = yes
That will give you the ability for users to only log in via TLS.