Change in allowplaintext behaviour in 2.3.9?
Nels Lindquist
nlindq at maei.ca
Fri Aug 31 16:35:21 EDT 2007
Hi there.
I understand that the default for "allowplaintext" is now off in 2.3.9,
which seems like a perfectly fine change.
However, I'm also noticing a behavioural change when allowplaintext is
enabled.
With 2.3.8 and "allowplaintext" on, PLAIN and LOGIN methods were only
explicitly offered when a secure connection was present. I've upgraded
to 2.3.9 (via Simon's RPM) and now "AUTH=PLAIN AUTH=LOGIN" are
immediately offered even when no TLS/SSL encryption is enabled.
Was this an intentional change?
Nels Lindquist
More information about the Info-cyrus
mailing list