[courier-users] Disable POP3-Login without TLS - Bernd Wurst - net.sourceforge.lists.courier-users

4 messages in net.sourceforge.lists.courier-users[courier-users] Disable POP3-Login wi...

From	Sent On	Attachments
Bernd Wurst	Mar 31, 2009 7:03 am
Sam Varshavchik	Mar 31, 2009 4:21 pm
Bernd Wurst	Apr 1, 2009 4:17 am
Sam Varshavchik	Apr 1, 2009 4:44 pm

Subject:	[courier-users] Disable POP3-Login without TLS
From:	Bernd Wurst (ber...@bwurst.org)
Date:	Mar 31, 2009 7:03:39 am
List:	net.sourceforge.lists.courier-users

Hi.

'till now, I only start the -SSL versions of courier imapd and pop3d, so users have to turn on SSL to be able to connect. The IMAPd has a setting IMAP_TLS_REQUIRED=1 to force TLS. With this option set in the non-SSL imapd, there's still no possibility to log in without encryption.

In the pop3d, I did not find such a setting. Some web-discussions mentioned POP3_TLS_REQUIRED=1 but that one has no effect for me.

Settings the capablities to "" for non-TLS does not disable the simple "USER" command in POP3.

cu, Bernd

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets