"disabled" TLS for ManageSieve is not honored in capabilities
response
Alexandros Vellis
avel at noc.uoa.gr
Tue Jul 25 14:52:19 EDT 2006
I believe this is a minor bug with ManageSieve.
Version: Cyrus 2.3.6
I have set in imapd.conf:
#tls_sieve_cert_file: <none>
#File containing the certificate used for sieve ONLY.
#If not specified, the global certificate is used.
#A value of "disabled" will disable TLS for sieve.
tls_sieve_cert_file: disabled
#------------------------------------------------------
#tls_sieve_key_file: <none>
#File containing the private key belonging to the
#sieve-specific server certificate. If not specified,
#the global private key is used. A value of "disabled"
#will disable TLS for sieve.
tls_sieve_key_file: disabled
However "STARTTLS" is still advertised. IMHO I think it shouldn't:
"IMPLEMENTATION" "Cyrus timsieved v2.3.6"
"SASL" "LOGIN PLAIN"
"SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags
notify envelope relational regex subaddress copy"
"STARTTLS"
OK
Log:
.......
Jul 25 18:48:19 vs3 sieve[32721]: TLS server engine: cannot load CA data
Jul 25 18:48:19 vs3 sieve[32721]: TLS server engine: No CA file
specified. Client side certs may not work
Jul 25 18:48:21 vs3 sieve[32721]: STARTTLS failed: vs3[xxx.xxx.xxx.xxx]
Regards,
Alexandros
More information about the Cyrus-devel
mailing list