On 07/13/2018 08:45 AM, J Doe wrote: > I’m aware that this is because the code does not state to specify “TLS” for > the dovecot/imap [u...@example.com 188.8.131.52 IDLE] line of output, but I’m > curious as to why that decision was made ?
TLS is done by the imap-login process. This process does all the actual talking to the client. The imap process blindly trusts whoever invoked it (imap-login), it doesn't authenticate the user either. Timo didn't want any crypto or authentication code, or to link against any such libraries in the imap process itself. Your imap-login process does show TLS and this can be logged in the log file as well, see login_log_format_elements and the variables %c and %k