From owner-freebsd-questions@FreeBSD.ORG Sun Mar 26 22:30:05 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2C9616A567 for ; Sun, 26 Mar 2006 22:30:04 +0000 (UTC) (envelope-from amistry@am-productions.biz) Received: from mail.united-ware.com (am-productions.biz [69.61.164.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 30EA243D4C for ; Sun, 26 Mar 2006 22:30:03 +0000 (GMT) (envelope-from amistry@am-productions.biz) Received: from [192.168.1.100] (am-productions.biz [69.61.164.22]) (authenticated bits=0) by mail.united-ware.com (8.13.4/8.13.4) with ESMTP id k2QMi8NN039564 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 26 Mar 2006 17:44:14 -0500 (EST) (envelope-from amistry@am-productions.biz) From: Anish Mistry Organization: AM Productions To: freebsd-questions@freebsd.org Date: Sun, 26 Mar 2006 17:33:02 -0500 User-Agent: KMail/1.9.1 References: <442709A7.4070906@locolomo.org> In-Reply-To: <442709A7.4070906@locolomo.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3116460.Uupj6x75Jz"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200603261733.10787.amistry@am-productions.biz> X-Spam-Status: No, score=-8.1 required=5.0 tests=ALL_TRUSTED,BAYES_00, MYFREEBSD2 autolearn=failed version=3.1.0 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on mail.united-ware.com X-Virus-Scanned: ClamAV 0.88/1357/Sat Mar 25 16:37:38 2006 on mail.united-ware.com X-Virus-Status: Clean Cc: Subject: Re: Cyrus-IMAP disallowing clear text connections X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Mar 2006 22:30:05 -0000 --nextPart3116460.Uupj6x75Jz Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 26 March 2006 16:37, Erik N=F8rgaard wrote: > Hi: > > I have a Postfix/Cyrus-IMAP setup, Postfix requires TLS and user > authentication to relay mail, and cyrus requires TLS and user > authentication to retrieve mail. Or so I thought: > > I just tested to see that things were in fact encrypted and > unencrypted connection was refused, works fine for Postfix but > Cyrus-IMAP accepts unencrypted connections _and_ authentication > even though I have set the following in imapd.conf > > allowplaintext: yes > allowplainwithouttls: no > > How do I force the use of TLS for Cyrus-IMAP? > > Also: Postfix allows hiding authentication mechanisms unless TLS is > invoked (so in clear text, capabilities just show STARTTLS), while > Cyrus-IMAP announces everything. Is there anyway to be more strict > with the cyrus in respect of what it announces? sasl_minimum_layer: 128 =2D-=20 Anish Mistry amistry@am-productions.biz AM Productions http://am-productions.biz/ --nextPart3116460.Uupj6x75Jz Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBEJxamxqA5ziudZT0RAh+CAKDLKBJ3g86M3JoVUSSwj5KZqK9OnwCgmNjn AhGYLaOpBpX27fnuYW+P7B8= =8Es8 -----END PGP SIGNATURE----- --nextPart3116460.Uupj6x75Jz--