[Dovecot] Force STARTTLS on port 143 for !internalnetwork
Hi!
How can I force users which are connecting from OUTSIDE our newtworks to user STARTTLS on Port 143?
Right now we resort to IMAPS on port 993, but an additional STARTTLS enabled login on the default port would make things easier!
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de
- Timo Sirainen <tss@iki.fi>:
I think that'll work, yes, but it has the additional feature of allowing clients from localnet to fake their IP address.
Yes, I noticed this while reading the checkin message for the feature.
Can I also specify more than one subnet there?
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de
- Timo Sirainen <tss@iki.fi>:
It's easier to enumerate the INTERNAL networks than the whole internet...
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de
participants (3)
-
Nick Rosier
-
Ralf Hildebrandt
-
Timo Sirainen