pop 110/995, imap 143/993 ?
Peter
peter at pajamian.dhs.org
Tue Aug 22 23:27:10 EEST 2017
On 22/08/17 18:24, Aki Tuomi wrote:
> Dovecot, by default, requires STARTTLS before accepting plaintext
> authentication when SSL is configured and you are not connecting from
> localhost. You can verify this by telnetting to port 143 from somewhere
> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you
> have enabled something like cram-md5.
>
> I think postfix, by default, will also prevent authentication without
> transport security.
No:
$ postconf -d smtpd_tls_auth_only
smtpd_tls_auth_only = no
The commented submission service in master.cf contains it, though, so if
you uncomment the service as a whole it will be set:
# -o smtpd_tls_auth_only=yes
> Also, you should probably using 587/tcp (submission) for sending mail,
> instead of 25. Some reputable ISPs prevent connecting to random MX
> servers to port 25 to make life harder for spambots.
Right, you should never use port 25 for submission, for several reasons.
Peter
More information about the dovecot
mailing list