On Mon, 15 Jun 2015 21:11:39 +0200, you wrote: >Am 15.06.2015 um 20:26 schrieb Felix Zielcke: >> Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura: >>> I think I have it now! Found info about *correctly* defining >>> namespaces. I now get the following when telnetting in, and it all >>> looks valid. >>> >>> Trying 127.0.0.1... >>> Connected to 127.0.0.1. >>> Escape character is '^]'. >>> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE STARTTLS AUTH=PLAIN] Dovecot ready. >>> a login <my-username> <my-password> >>> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS >>> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT >>> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE >>> QRESYNC >>> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE >>> SPECIAL-USE] Logged in >>> a logout >>> * BYE Logging out >>> a OK Logout completed. >>> Connection closed by foreign host. >>> >>> If this is correct, then I'm off to add Postfix and get my mailing >>> lists back online. >> >> It looks like you don't enforce SSL/TLS. >> If you don't have any clients which are many years old you should do >> that. >> But of course it'S your own decision if you want your users passwords >> (and everything else) sent to your server in clear text over the wire >> > >SSL is not enforced on localhost even when specifying ssl=required. > >Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf: > # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> > # disable plain pop3 and imap, allowed are only pop3+TLS, > # pop3s, imap+TLS and imaps > # plain imap and pop3 are still allowed for local connections
That's what I thought. I have not had the opportunity to test this from another system yet.
