[Dovecot] Disable security for testing?

Branko Majic branko at majic.rs
Mon Sep 3 17:01:19 EEST 2012


On Mon, 3 Sep 2012 20:15:27 +1000
"Voytek Eymont" <voytek at sbt.net.au> wrote:

> in my limited experience, when I tried to set Outlook Express clients
> with my Dovecot 2, I couldn't get to do ssl/tls on port 110, only on
> 995; (I think..? I struck same with IMAP, couldn't get ssl/tls on
> 143, but, got it on 993)
> 
> question:
> is it because Outlook Express does SSL only, but not TLS?
> (or is it simply because it's crappy application ?)

The ports 143 and 993 are used in different way when you want to have
TLS. In case of 143, you begin the communication in unencrypted mode,
then tell the server that you want to initiate a TLS handshake (you
literally send a STARTTLS string to it). After that both client and
server start negotiating the TLS connection (and hopefully they
manage to do it :).

With the port 993 the expected/standard behavior is that you begin the
TLS handshake right upon establishing the connection. Normally the
servers will not accept any unencrypted IMAP command on it (in other
words, you don't send STARTTLS to the server, the server expects you to
start the handshake right away).

Similar concept is implemented for POP3, SMTP, LDAP, XMPP, and many
others...

Btw, SSL and TLS are kind of the same things (or to be more precise
when people are talking about it they refer to the same thing, unless
they're crypto techies which are using the terminology correctly :)

Best regards

P.S.
It's quite probably a crappy application as well :)

-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

Бранко Мајић
Џабер: branko at majic.rs
Молим вас да додатке шаљете искључиво у слободним форматима.



More information about the dovecot mailing list