[Dovecot] Allow both SSL/993 and STARTTLS/143 connections (secure only)

Frank Elsner frank at moltke28.B.Shuttle.DE
Fri Jan 3 17:20:07 EET 2014


On Fri, 03 Jan 2014 10:08:15 -0500 Charles Marcus wrote:
> On 2014-01-03 8:32 AM, Charles Marcus <CMarcus at Media-Brokers.com> wrote:
> >
> > Ok, up until now, I've only always allowed IMAPS connections to 
> > dovecot on port 993.
> >
> > I want to also start allowing clients to user port143+STARTTLS, but I 
> > walso want to make sure both ports are locked down to ONLY allow 
> > secure connections. 
> 
> And I just had an idea, but don't know if it is possible.
> 
> Can I offer one namespace on one port (ie, SSL/993), and a different 
> namespace on the other port (STARTTLS/143)?

You dont' need 2 namespaces.

In 10-auth.conf set "disable_plaintext_auth = yes"


My 10-master.conf contains

| service imap-login {
|   inet_listener imap {
|     port = 143
|   }
|   inet_listener imaps {
|     port = 993
|     ssl = yes
|   }

And this works.


--Frank Elsner

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140103/4fb1177c/attachment.bin>


More information about the dovecot mailing list