[Dovecot] Disable TLS on port 143?
Jackie Hunt
jackie at yuma.acns.colostate.edu
Tue Jan 9 20:31:42 UTC 2007
> But just stripping the STARTTLS from the CAPABILITY like this:
>
...
> (watch wrapping) should be sufficient.
>
> Of course, if the real issue is that the users are frightened by the
> unsigned certificate message, he could pony up the $100 for a cert
> signed by a trusted authority and the clients won't even bleat...
Thanks much for the feedback John & Timo. I hope you do add
ssl_disable_tls as an option in v 2.0 Timo. That's be great.
Our users run a wide variety of clients, so it'd be difficult to
confirm that we wouldn't affect someone with the TLS capability,
even with a trusted authority. Changing source is an option, true.
The other option is sslwrap, which we use with UofW. We could disable
ssl on Dovecot and use sslwrap for 993. I just wanted to use
Timo's code where possible.
Jackie
---
Jackie Hunt
ACNS Voice: (970) 663-3789
Colorado State University FAX: (970) 491-1958
Fort Collins, CO 80523 Email: jackie.hunt at colostate.edu
More information about the dovecot
mailing list