[Dovecot] Disable TLS on port 143?

Jackie Hunt jackie at yuma.acns.colostate.edu
Tue Jan 9 20:31:42 UTC 2007


> But just stripping the STARTTLS from the CAPABILITY like this:
>
...
> (watch wrapping) should be sufficient.
> 
> Of course, if the real issue is that the users are frightened by the 
> unsigned certificate message, he could pony up the $100 for a cert 
> signed by a trusted authority and the clients won't even bleat...

Thanks much for the feedback John & Timo.  I hope you do add
ssl_disable_tls as an option in v 2.0 Timo.  That's be great.

Our users run a wide variety of clients, so it'd be difficult to
confirm that we wouldn't affect someone with the TLS capability,
even with a trusted authority.  Changing source is an option, true.
The other option is sslwrap, which we use with UofW.  We could disable 
ssl on Dovecot and use sslwrap for 993.  I just wanted to use
Timo's code where possible.

Jackie
---
Jackie Hunt                                                       
ACNS                                    Voice:  (970) 663-3789     
Colorado State University               FAX:    (970) 491-1958
Fort Collins, CO  80523                 Email:  jackie.hunt at colostate.edu


More information about the dovecot mailing list