At 4PM -0500 on 26/02/13 you (Charles Marcus) wrote: > On 2013-02-26 3:59 PM, Ben Morrow <b...@morrow.me.uk> wrote: > > At 3PM -0500 on 26/02/13 you (Charles Marcus) wrote: > >> Now the only other question is, again already being contemplated by Timo > >> apparently, why the config file uses SSL... > > Why not? > > Because, as has been pointed out, TLS is the 'new', and SSL is the 'old'? > > >> Timo, what I would suggest is allow the use of ssl in the config file > >> for backwards compat, but change future versions to use TLS... > > > I would be against that idea. > > My turn... why?
I'm generally against gratuitous changes for no good reason. > >> I'm curious though... I'm fairly certain that my Android phone > >> differentiates between SSL and TLS, with choices something like: > >> > >> NONE > >> SSL if available > >> SSL Always > >> TLS if available > >> TLS Always > >> > >> And I always choose (chose - from now on I'll choose TLS) 'SSL Always', > >> so shouldn't these connections show 'SSL' instead of TLS, since I'm > >> basically forcing my phone to SSL? > > > I suspect the difference is that the 'SSL' options use imap-over-SSL on > > port 993 while the 'TLS' options use STARTTLS over port 143. > > Don't know how you or Reindl came to that conclusion, because the ports > are specified separately. > > So, I can specify port 993, and TLS. OK. What happens if you do that? Does the client start with an SSL ClientHello, or does it start by waiting for a plain-text OK IMAP response and then issuing CAPABILITY or STARTTLS in plain text? I suspect it does the latter, which will not work with any ordinarily- configured IMAP server (though of course it would be *possible* to configure Dovecot to support that). Ben