Security with TLS
Marc Patermann
hans.moser at ofd-z.niedersachsen.de
Thu Jan 28 06:33:46 EST 2010
Hi,
Nybbles2Byte schrieb:
> Two quick questions:
>
> Is there a setting in the Cyrus server to force the use of security like
> STARTTLS in the email clients?
I may be wrong, but with
allowplaintext: 0 in imapd.conf you deny unencrypted connections with
plain/login. You then must use TLS/SSL+plain/login or
CRAM-MD5/Digest-MD5. If you don't have CRAM-MD5/Digest-MD5 enabled,
there ist only encrypted plain/login left.
> It didn't work when I specified "SSL/TLS" in Thuderbird it does work
> with STARTTLS.
What does/does not work? I don't understand.
> My understanding is that SSL/TLS would be better because
> you start off secured right from the start instead of starting in clear
> text and then negotiating a secured connection. If this is not correct,
> please enlighten me, if it is correct, is there a way to make cyrus
> accommodate "SSL/TLS"?
Take a look at the "TLS fails on imaps port" thread.
Marc
More information about the Info-cyrus
mailing list