6 Jan
2009
6 Jan
'09
4:49 p.m.
- Timo Sirainen tss@iki.fi wrote:
Have you enabled non-plaintext authentication? If not, then disable_plaintext_auth practically does what you want, because you can't authenticate without SSL/TLS.
Oh, great. I don't know a lot of IMAP/POP3-internals, but I was unsure whether `disable_plaintext_auth' still allowed non-secured connections to take place in my setup, as long as the client used some broken form of hashing/encoding the password (like base64), which is obviously not what I want.
Thanks for the information. I'll add it to the Wiki article "SSL/DovecotConfiguration".
-- Ed Schouten ed@80386.nl WWW: http://80386.nl/