[Dovecot] One dovecot, multiple domains

Gunter Ohrner G.Ohrner at post.rwth-aachen.de
Wed Feb 15 21:21:53 EET 2006


Am Mittwoch, 15. Februar 2006 19:54 schrieb Ben:
> Am I missing something obvious, or asking the impoosible?

It would not make much sense probably even is impossible:

I don't know if IMAP supports something like SMTP's STARTTLS where you can 
"convert" a plain channel to an SSL protected one. (At least that's how I 
understood it.)

Using IMAPS the SSL channel is already established before authenticating, 
so how should dovecot be able to select the right certificate?

If there is something like STARTTLS you would have to switch to SSL after 
sending the login name but before sending the passwort, which probably is 
not supported and which would reveal the login name to any attacker 
anyhow...

That's basically the same reasons why there can't be different https sites 
on the same host. (IP/port combination to be precise.)

Greetings,

  Gunter

-- 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
43) Java: Internetcafe (Peter Berlich)        -- 
http://www.iks-jena.de/mitarb/lutz/usenet/Fachbegriffe.der.Informatik.htm
l#43
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+                   PGP-verschlüsselte Mails bevorzugt!                 +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20060215/1a0c1764/attachment-0001.pgp


More information about the dovecot mailing list