how to use cyradm with imaps ?
Sébastien Rozier
sebastien.rozier at cybergaia.org
Sun Apr 20 11:30:58 EDT 2008
Thanx for all your answers, but this is not my original question :-)
" In fact, I don't use and don't want to use TLS, but IMAP over SSL."
I don't want ANYTHING running on port 143.
I don't want imap daemon running on my server, only imaps.
I still want to be able to use cyradm, and use it through imaps 993.
Is it possible ?
Thanx,
Seb
-----Message d'origine-----
De : Jorey Bump [mailto:list at joreybump.com]
Envoyé : lundi 14 avril 2008 20:43
À : Andrew Morgan
Cc : Sébastien Rozier; info-cyrus at lists.andrew.cmu.edu
Objet : Re: how to use cyradm with imaps ?
Andrew Morgan wrote, at 04/14/2008 12:44 PM:
> Isn't there a way to have Cyrus listen on the regular IMAP port (143)
> but require a secure connection to login? Some trick with
> allowplaintext and/or sasl_minimum_layer?
Yes. For example:
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
allowplaintext: no
sasl_minimum_layer: 128
To connect with cyradm using TLS:
cyradm localhost -tls
> Who cares if you listen on 143 as long as people aren't sending
> passwords in the clear. TLS is as good as SSL.
Agreed. Furthermore, it stops a lot of brute force password cracking
attempts dead in their tracks, since most don't attempt to use encrypted
connections (they're looking for low hanging fruit, I guess).
More information about the Info-cyrus
mailing list