Cyrus-IMAP disallowing clear text connections

Erik Nørgaard norgaard at
Sun Mar 26 21:37:49 UTC 2006


I have a Postfix/Cyrus-IMAP setup, Postfix requires TLS and user 
authentication to relay mail, and cyrus requires TLS and user 
authentication to retrieve mail. Or so I thought:

I just tested to see that things were in fact encrypted and unencrypted 
connection was refused, works fine for Postfix but Cyrus-IMAP accepts 
unencrypted connections _and_ authentication even though I have set the 
following in imapd.conf

   allowplaintext: yes
   allowplainwithouttls: no

How do I force the use of TLS for Cyrus-IMAP?

Also: Postfix allows hiding authentication mechanisms unless TLS is 
invoked (so in clear text, capabilities just show STARTTLS), while 
Cyrus-IMAP announces everything. Is there anyway to be more strict with 
the cyrus in respect of what it announces?

Thanks, Erik

Ph: +34.666334818                                  web:
S/MIME Certificate:
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9

More information about the freebsd-questions mailing list