I should follow up, having complained in public ...
On Sat, 24 Apr 2004 06:56:42 +0200 Quentin Garnier cube@cubidou.net wrote:
Le Fri, 23 Apr 2004 19:07:13 -0400 Amelia A Lewis a ecrit : [...]
Dovecot cannot, currently, be configured to permit plaintext on localhost while requiring Something Better from the rest of the world.
This becomes a problem with SquirrelMail, which can't cope with TLS. It just barfs. Looking at bug reports in debian, this has already
SquirrelMail works perfectly fine with Dovecot and TLS. I use it in production for the company I work in.
However, it is true that I had to debug a very big issue with PHP and the way it is compiled. I'm using NetBSD and pkgsrc, but I guess it might be the same with the Debian packages.
[snip]
It's interesting that there are different issues.
My debian installation had a bug in functions/imap_general.php that discarded the server name if tls was used (the server name became "tls://", only, instead of prepending that to the server name). Once I fixed that (now reported to debian maintainer, so should show fixed soon there), I still had problems, because I assumed that squirrelmail could do STARTTLS. It doesn't, apparently (I could be wrong again, though). Switching it to port 993 in config made everything lovely. Debian's php (libapache2-mod-php4, in my case, a recent addition to packages that actually permits php4 with apache2) appears to be compiled with the proper support.
So, all serene. *laugh* On the other hand, I *would* still like to be able to run without TLS on localhost (a localhost exception to disable_plaintext_auth), because it's fairly pointless to require the processor to do all the extra work of encryption and decryption in that situation. Feature request, please, Timo?
Amy!
Amelia A. Lewis amyzing {at} talsever.com The flesh is strong. The spirit stronger. So shed your skin, baby. Let it through. Come on over. -- Amy Ray