requiring encryption but not from localhost?

Matt Bernstein mb/cyrus at
Wed Jul 30 07:21:57 EDT 2003

At 10:54 +0200 tsg wrote:

>You can have a look here (do not forget last slash!)
>there are conf files for all applications to build a secure mail server. User 
>can connect to Cyrus-IMAP only imaps/pop3s ports. All connects without 
>encryption refused.

..and those using TLS also refused. This isn't good enough I'm
afraid--sorry. I need access to port 143 for modern clients to work

I forgot to say that at present we still need the use of the PLAIN 
mechanism. Is it possible to only accept PLAIN (and LOGIN, for that 
matter) after TLS or on the imaps port?

>Web-mail. Squiremail (version 1.4 and above) can connect to IMAP also using 
>SSL channel. Horde also. So you do not need any exception for localhost. Jast 
>place your webmail package under https tree in Apache.


Squirrelmail requires PHP 4.3 (as I said in my original mail) for this to 
work. Placing it on an https server doesn't affect the IMAP traffic!


More information about the Info-cyrus mailing list