[Dovecot] Force STARTTLS on port 143 for !internalnetwork

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Wed Feb 9 17:13:32 EET 2011


* Timo Sirainen <tss at iki.fi>:

> I think that'll work, yes, but it has the additional feature of allowing clients from localnet to fake their IP address.

Yes, I noticed this while reading the checkin message for the feature.
 
> In v2.0 you can do:
> 
> disable_plaintext_auth = yes
> local 10.0.0.0/24 {
>   disable_plaintext_auth = no
> }

Can I also specify more than one subnet there?

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
	    


More information about the dovecot mailing list