Timo Sirainen a écrit :
On Sat, 2009-06-27 at 20:06 +0200, Jean-Noel Chardron wrote:
This is the protocol: the server announces its capability but can not
force the use of TLS which is an initiative of the client.
Server can't force clients to do STARTTLS, but it can prevent clients
from being able to log in without it. This is what Dovecot does by
default, with disable_plaintext_auth=yes. If it's enabled and STARTTLS
isn't used and client tries to log in, Dovecot says:
1 login foo bar
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your
client did it anyway. If anyone was listening, the password was exposed.
1 NO [CLIENTBUG] Plaintext authentication disallowed on non-secure (SSL/TLS)
connections.
very interesting, I didn't think about it. This may indeed be the case.
and thus forcing the users to make the choice of TLS in a hostile
environment. however then this rule will also apply to an environment of
"friendly" on the local network. This is not the goal for sedentary
among us, unless the default configuration of clients was not "plain
text" but "do TLS if possible".