Hi Timo,
Not possible currently.
Okay.
Hmm. I don't want to add a new setting for this, but some existing one could be updated/replaced.. Perhaps ssl_disable=required? Although that sounds weird. Maybe deprecate that setting and have ssl=yes/no/required.
The setting "ssl" sounds fine. In case you're going to implement this feature, for which release would that be?
Anyway you could modify the sources pretty easily to do this. In src/imap-login/client-authenticate.c function cmd_authenticate() add before mech_name line something like:
if (!client->common.secured && disable_plaintext_auth) { if (verbose_auth) { client_syslog(&client->common, "Login failed: " "STARTTLS not enabled"); } client->common.auth_attempts++; client_send_line(client, "* NO [ALERT] STARTTLS requires"); client_send_tagline(client, "NO STARTTLS required"); return 1; }
Thanks for the info!
Durk