[Dovecot] Protocol logging - TLS vs SSL

Reindl Harald h.reindl at thelounge.net
Wed Feb 27 00:12:31 EET 2013



Am 26.02.2013 23:03, schrieb Charles Marcus:
> Question: can you use arbitrary ports for secure IMAP/POP/SMTP? I don't 
> see why not. You can use arbitrary ports for secure http...

you still refuse to understand the difference between STARTTLS
and SSL/TLS, we are speaking about 143/993 to not confuse
your ignorance by bliss more as it is already the case

postfix example for port 465, YES YOU CAN sue any other of the 65535
BUT if you configure "smtpd_tls_wrappermode=yes" for smtp on port
25 you will never ever receive any ssl/tls encrypted message because
it is NOT STARTTLS and and least posfix does not support tsl_wrappermode
for smtp AKA outgoing mail

http://www.postfix.org/TLS_README.html#client_tls
> Although the Postfix SMTP client by itself doesn't support TLS wrapper
> mode, it is relatively easy to forward a connection through the stunnel
> program if Postfix needs to deliver mail to some legacy system that
> doesn't support STARTTLS

if you still refuse to understand the difference i fear nobody
is able to help you on this world - people can write manpages
for you but you have to read them by yur own

smtps           inet  n       -       n       -       20      smtpd -o smtpd_sasl_auth_enable=yes
 -o smtpd_delay_reject=yes
 -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 -o smtpd_tls_wrappermode=yes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130226/4bea87b1/attachment.bin>


More information about the dovecot mailing list