<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 07/13/2018 08:45 AM, J Doe wrote:<br>
</div>
<blockquote type="cite"
cite="mid:FA4D333E-5669-4F8D-848E-21ED68731B49@nativemethods.com">
<pre wrap="">I’m aware that this is because the code does not state to specify “TLS” for the dovecot/imap [<a class="moz-txt-link-abbreviated" href="mailto:user@example.com" moz-do-not-send="true">user@example.com</a> 1.2.3.4 IDLE] line of output, but I’m curious as to why that decision was made ?
</pre>
</blockquote>
<br>
TLS is done by the imap-login process. This process does all the
actual talking to the client. The imap process blindly trusts
whoever invoked it (imap-login), it doesn't authenticate the user
either. Timo didn't want any crypto or authentication code, or to
link against any such libraries in the imap process itself.<br>
<br>
Your imap-login process does show TLS and this can be logged in the
log file as well, see login_log_format_elements and the variables %c
and %k<br>
<br>
</body>
</html>