9 Jul
2009
9 Jul
'09
6:23 p.m.
On Jul 9, 2009, at 11:15 AM, Charles Marcus wrote:
On 7/9/2009, Federico Nicolelli (federico.nicolelli@iscsi.it) wrote:
Ok, so if you set "protocols = imap imaps"
Personally, I never enable unencrypted imap port...
Forcing encrypted port (imaps) for everyone really doesn't add
anything in the way of overhead on modern systems, and I just don't like the
idea of unencrypted sessions, even on on 'trusted' networks.
That's a wrong way to think about it. imaps is a legacy port that
should have died years ago. You can force encrypted sessions on imap
port just by setting disable_plaintext_auth=yes (or even more strongly
with ssl=required with v1.2+).