Hello, I use imaps with a single CA (home made), which make me able to filter users basing on trusted-CA signed certificates.
This allows me to restrict user's login on their ability to present a certificate signed by my CA, and only by it (that's what I hope), as I disabled all services but imaps and sieve. However, I can't find how to obtain the same behavior with sieve : it still allows non-encrypted sessions. My version is a Debian packaged one: ii cyrus-imapd-2.2 2.2.13-14+b3 Here the relevant lines of my /etc/imapd.conf : tls_cert_file: /etc/ssl/certs/xxxxxxxxxxx.pem tls_key_file: /etc/ssl/private/xxxxxxxxxxxxxx.key.pem tls_ca_file: /etc/ssl/certs/xxxxxxxxxxxx.pem tls_require_cert: true How to disable non-TLS sessions on sieve, and more generally for any cyrus service? T.Harding ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
