On Sun, Oct 17, 2010 at 05:56:40PM +0000, Camaleón wrote: > On Sun, 17 Oct 2010 11:21:28 -0400, Rob Owens wrote: > > > 1) It seems like cleartext communication is disabled by default, and > > only TLS or SSL is allowed. I can't find this in the docs or conf file, > > though. Can anybody confirm this is the case? > > Look, at their testing sample page there is a connection to IMAP 143 > stantard port (no imaps/993): > > http://wiki2.dovecot.org/TestInstallation > > Also: > > Plaintext Authentication > http://wiki2.dovecot.org/BasicConfiguration > Thanks for those links. I had a quick look at my config files again, and they seem to allow plaintext authentication (which I don't want). However, Icedove gives me an error when I try to connect without TLS or SSL. This is good, but I want to make sure that it is dovecot that is refusing to cooperate with plaintext connections.
> > 2) There is a certificate used for secure communication w/ the server, > > but I did not generate it myself. Was it generated automatically for > > me? Or is it a default cert that I should replace with my own? > > Most e-mail services include their own (even auto-generated) SSL > certificates. You can use them (your clients will receive a security > alert about SSL certificate being invalid/not trusted which is the normal > behaviour) or you can replace them with real ones (Verisign, Thatwe, > etc...) validated certificates coming from a CA. > > _Both_ will secure your data, but with the "auto-signed-own-generated" > ones, you'll get a "cosmetic" error. > Thanks. I just wanted to make sure that my auto-generated SSL cert was in fact auto-generated, and not just a default cert that *everybody* gets when they install dovecot. -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101019202429.gb7...@aurora.owens.net
