[Dovecot] About ManageSieve and TLS
Hi,
I have a "ubuntu10.04 + dovecot-2.0.13" configuration in my server. It works fine with ~50k accounts.
Recently I enabled TLS:

    $ cat /etc/dovecot/dovecot.conf
    ...
    # Use SSL ?
    ssl = yes
    ...

The goal was to provide only IMAPS and POP3S. But Managesieve says "STARTTLS":

    $ telnet _MY_IP_ 2000
    Trying _MY_IP_...
    Connected to _MY_IP_.
    Escape character is '^]'.
    "IMPLEMENTATION" "K8 ManageSieve"
    "SIEVE" "comparator-i;ascii-numeric copy envelope fileinto imapflags include notify regex reject relational subaddress vacation"
    "SASL" "PLAIN LOGIN"
    "STARTTLS"
    "VERSION" "1.0"
    OK "K8 IMAP/POP3 server"

doveconf -a shows:

    service managesieve-login {
      ...
      inet_listener sieve {
        address = _MY_IP_
        port = 4190
        ssl = no
      }
      inet_listener sieve_deprecated {
        address = _MY_IP_
        port = 2000
        ssl = no
      }
      ...
    }
I think there is something wrong there but I don't know. I think Managesieve should not say "STARTTLS". Can someone help me?
Thanks.
-- Thiago Henrique adminlinux.com.br
On 10/2/2012 8:45 PM, 3.listas@adminlinux.com.br wrote:
> Hi,
>
> I have a "ubuntu10.04 + dovecot-2.0.13" configuration in my server. It works fine with ~50k accounts.
>
> Recently I enabled TLS:
>
>     $ cat /etc/dovecot/dovecot.conf
>     ...
>     # Use SSL ?
>     ssl = yes
>     ...
>
> The goal was to provide only IMAPS and POP3S. But Managesieve says "STARTTLS":
>
>     $ telnet _MY_IP_ 2000
>     Trying _MY_IP_...
>     Connected to _MY_IP_.
>     Escape character is '^]'.
>     "IMPLEMENTATION" "K8 ManageSieve"
>     "SIEVE" "comparator-i;ascii-numeric copy envelope fileinto imapflags include notify regex reject relational subaddress vacation"
>     "SASL" "PLAIN LOGIN"
>     "STARTTLS"
>     "VERSION" "1.0"
>     OK "K8 IMAP/POP3 server"
>
> I think there is something wrong there but I don't know. I think Managesieve should not say "STARTTLS". Can someone help me?
The STARTTLS capability means that ManageSieve is prepared to accept a STARTTLS command that invokes the TLS handshake. Basically, the protocol starts in plaintext and switches to a TLS/SSL secured channel once the STARTTLS command is issued. However, the client can also choose not to use it. Therefore, it really shouldn't influence whether ManageSieve works properly (unless the client messes up TLS somehow).
If you really want to, you can disable TLS for ManageSieve specifically by putting a ssl=no inside the protocol sieve {} section.
Regards,
Stephan.