19 Feb
2013
19 Feb
'13
11:17 a.m.
At 12PM +0400 on 19/02/13 you (Evgeny Basov) wrote:
I set this parameters in dovecot config:
disable_plaintext_auth = yes ssl = yes auth_mechanisms = plain login
<snip>
And when the client connects to another host, I have (1) and (2) connections are encrypted
| client | ---- (1) ----> |imap1 (proxy_maybe='y', host = imap2)| ---- (2) ----> |imap2|
but need only (1).
That's not a good idea. SSL is not very much overhead, and trusting your internal networks to the point of having plaintext passwords going over the wire is not very safe.
Ben