My guess is that the next step in security is to go for imaps and ssl configuration. But my debian installation doesn't appear to have the dovecot-openssl.cnf file referenced in the configuration.txt file.
Is this missing from dovecot or am I looking at a debian problem? No debian neither dovecot problem.
protocols = imap imaps Be sure to have certificate for dovecot (Debian should create a default one) ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem
I prefer to split up the pem file into crt and key and to use one of my own certificates created with my CA, but you can also buy one... if you like (verisign, thawte) ssl_cert_file = /etc/ssl/certs/my_own_cert.crt ssl_key_file = /etc/ssl/private/my_own_private.key Check if the port does accept connection and if you can see the certificate: openssl s_client -connect localhost:993 (imaps port) That should do it. (you bitch! ;-))