On T 6 Jan, 2009, at 14:59 , Ed Schouten wrote:
My question: is there support to enforce TLS when people connect to
non-SSL ports? If someone comes up with a solution, I'll add it to the
SSL article on the Wiki.
I'm using Dovecot 1.1.7, installed on a FreeBSD 6.4-STABLE system.
not sure I understand the question correctly, if I do then the answer
would be you cannot. If the client wants to speak plain it will. I do
not see why you would want to keep on listening on port 143 if you
want to enforce SSL, but if you really want to:
protocol imap {
listen = 127.0.0.1:143
ssl_listen = *:993 <interface-ip>:143
}
You can of course drop <interface-ip>:143.
Giuliano
