I'm trying to setup IMAP, so that it works via secure connections. I have it working fine over SSL, now I wish to get TLS to work.

I have set imap and imaps to both listen on *, and have disable_plaintext_auth = yes, which according to the docs, Disable LOGIN command and all other plaintext authentications unless SSL/TLS is used (LOGINDISABLED capability).

So the problem is now, that TLS doesn't work. Trying it with thunderbird, I get a message about login being disabled, and to check my settings and such. The port is correct (imap, not imaps), and I have it to always use TLS. I see the following in my logs Jul 14 16:35:46 mafeking dovecot: imap-login: Aborted login: rip=58.7.136.163, lip=203.30.47.34, TLS

Any ideas? To me it appears to be using TLS, so why doesn't thunderbird work? Is it the LOGINDISABLED capa keyword? Is it dovecot telling Thunderbird the wrong capa when using TLS?

It all works fine with SSL, and the port (in thunderbird) set to the imaps port. The logs show lines like below when using SSL. Jul 14 16:36:32 mafeking dovecot: imap-login: Login: user=<joeblogs>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

Any ideas? Or should I just force SSL?

Thanks

Tim (using RC2)

Linux Counter user #273956 Don't email joeblogs@scouts.org.au