On 7/9/2009, Timo Sirainen (t...@iki.fi) wrote: >> Forcing encrypted port (imaps) for everyone really doesn't add >> anything in the way of overhead on modern systems, and I just don't >> like the idea of unencrypted sessions, even on on 'trusted' >> networks.
> That's a wrong way to think about it. imaps is a legacy port that > should have died years ago. You can force encrypted sessions on imap > port just by setting disable_plaintext_auth=yes (or even more > strongly with ssl=required with v1.2+). Hmmm... ok, I thought setting imaps was the easy way to both enable TLS and set dovecot to listen on port 993... So, does disable_plaintext_auth=yes automatically change the imap listen port to 993, or would I then nees to also set 'ssl_listen: 993' (if so, wouldn't that seeting be more appropriately named tls_listen? ;)? Thanks Timo - I do prefer to use settings that are not (or not someday going to be) deprecated... -- Best regards, Charles