[Dovecot] Disable TLS on port 143?

Brian Morrison bdm at fenrir.org.uk
Tue Jan 9 20:13:38 UTC 2007


On Tue, 9 Jan 2007 21:57:59 +0200
Timo Sirainen <tss at iki.fi> wrote:

> > I haven't hear of ipchains, I'll investigate. 

iptables would be better, ipchains is from kernel 2.2 so it's
deprecated.
 
> 
> It'd have to remove "STARTTLS" from CAPABILITY response. No idea if  
> it's actually capable of doing that.

The sane thing is simply to block all incoming traffic on port 143,
then only port 993 is available. If this creates problems with other
site policies, or external access if people need it, then it isn't a
good solution.

-- 

Brian Morrison

bdm at fenrir dot org dot uk

   "Arguing with an engineer is like wrestling with a pig in the mud;
    after a while you realize you are muddy and the pig is enjoying it."
    
GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html


More information about the dovecot mailing list