Durk Strooisma wrote: >> On 1/15/2009, Durk Strooisma (d...@kern.nl) wrote: >> >>> As far as I can see, this would only be possible when using imaps and >>> disabling imap. However, I would like to have the other way around; >>> disabling imaps and using imap for all communication (with enforced >>> STARTTLS). >>> Am I missing something? > I've tried to enforce STARTTLS for any possible connection, to avoid using > tunneling, but I couldn't find an option to do so. > >
First you need to disable any ssl_listen in the protocol section:
protocol imap {
listen = *:143
# ssl_listen = *:993
}
protocol pop3 {
listen = *:110
# ssl_listen = *:995
}
Then set:
disable_plaintext_auth = yes
That will give you the ability for users to only log in via TLS.
signature.asc
Description: OpenPGP digital signature
