"disabled" TLS for ManageSieve is not honored in capabilities response

Alexandros Vellis avel at noc.uoa.gr
Tue Jul 25 14:52:19 EDT 2006

I believe this is a minor bug with ManageSieve.

Version: Cyrus 2.3.6

I have set in imapd.conf:

#tls_sieve_cert_file: <none>
#File containing the certificate used for sieve ONLY.
#If not specified, the global certificate is used.
#A value of "disabled" will disable TLS for sieve.
tls_sieve_cert_file: disabled


#tls_sieve_key_file: <none>
#File containing the private key belonging to the
#sieve-specific server certificate. If not specified,
#the global private key is used. A value of "disabled"
#will disable TLS for sieve.
tls_sieve_key_file: disabled

However "STARTTLS" is still advertised. IMHO I think it shouldn't:

"IMPLEMENTATION" "Cyrus timsieved v2.3.6"
"SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags
notify envelope relational regex subaddress copy"


Jul 25 18:48:19 vs3 sieve[32721]: TLS server engine: cannot load CA data
Jul 25 18:48:19 vs3 sieve[32721]: TLS server engine: No CA file
specified. Client side certs may not work
Jul 25 18:48:21 vs3 sieve[32721]: STARTTLS failed: vs3[xxx.xxx.xxx.xxx]


More information about the Cyrus-devel mailing list