On 10/13/2013 02:30 AM, Sam Varshavchik wrote: >> So what does define the STARTTLS protocol on esmtpd >> a) TLS_PROTOCOL in esmtpd or >> b) TLS_STARTTLS_PROTOCOL in esmtpd-ssl? > > One is for esmtp over ssl (port 465), then other one is for STARTTLS. > For all practical purposes, they should all be the same, now.
As usual I am confused again. How would I go about ONLY having TLS on ports 143 and 587 but without enabling SSL ports 465 and 993? I can't seem to disable or remove esmtpd-ssl and imapd-ssl without also disabling TLS on 143 and 587, ie; even though I have ESMTPDSSLSTART=NO there is still a port open on 465... ~ egrep -v "^($|#)" /etc/courier/esmtpd-ssl | sort AUTH_REQUIRED=0 BOFHCHECKDNS=1 BOFHNOEXPN=0 BOFHNOVRFY=0 COURIERTLS=/usr/bin/couriertls ESMTPDSSLSTART=NO ESMTP_LOG_DIALOG=0 exec_prefix=/usr MAXDAEMONS=40 MAXPERC=5 MAXPERIP=5 NOADDDATE=1 NOADDMSGID=1 prefix=/usr SSLADDRESS=0 SSLPIDFILE=/var/run/courier/esmtpd-ssl.pid SSLPORT=465 TARPIT=1 TLS_CERTFILE=/etc/courier/esmtpd.pem TLS_CERTS=X509 TLS_COMPRESSION=ALL TLS_KX_LIST=ALL TLS_TRUSTCERTS=/etc/ssl/certs TLS_VERIFYPEER=NONE And the same here, even with IMAPDSSLSTART=NO I still have a port 993 open... ~ egrep -v "^($|#)" /etc/courier/imapd-ssl | sort COURIERTLS=/usr/bin/couriertls IMAPDSSLSTART=NO IMAPDSTARTTLS=YES IMAP_TLS_REQUIRED=0 MAILDIRPATH=Maildir SSLADDRESS=0 SSLLOGGEROPTS="-name=imapd-ssl" SSLPIDFILE=/var/run/courier/imapd-ssl.pid SSLPORT=993 TLS_CACHEFILE=/var/lib/courier/couriersslcache TLS_CACHESIZE=524288 TLS_CERTFILE=/etc/courier/imapd.pem TLS_CERTS=X509 TLS_COMPRESSION=ALL TLS_KX_LIST=ALL TLS_TRUSTCERTS=/etc/ssl/certs TLS_VERIFYPEER=NONE If I remove the courier-imapd-ssl and courier-imap-ssl packages altogether then there are no certs or TLS available on ports 143 and 587. I thought just courier-ssl might be enough for certs and TLS on 143 and 587, but no. Ubuntu 13.10 64bit, courier-mta 0.68.2, courier-imap 4.10.0 ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
