STARTTLS Question
Ken Murchison
ken at oceana.com
Tue Oct 7 17:01:05 EDT 2003
Daniel Whelan wrote:
> I'm currently operating a Cyrus server listening in the following
> configuration, and authenticating via PLAIN/LOGIN with a saslauthd
> backend (only relevant config lines listed):
>
> imap cmd="imapd -U 30" listen="localhost:imap"
> imaps cmd="imapd -s -U 30" listen="imaps"
> pop3s cmd="pop3d -s -U 30" listen="pop3s"
>
> The IMAPS and POP3S ports are for user interaction, and the IMAP port is
> for the local webmail client (which operates over apache and mod_ssl). I
> don't wish to offer any services in an unencrypted format.
>
> My question is, can I offer the IMAP port to any client but configure it
> such that they are required to STARTTLS to communicate?
Assuming that you want to prevent plaintext passwords from being
transmitted in the clear, set the following in imapd.conf:
allowplaintext: no
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the Info-cyrus
mailing list