Okay, we just got bitten by the Eudora 5.x STARTTLS problem that was discussed last month. We have the same problem where only those clients cannot negotiate a TLS connection properly, and thus fails to login at all. So...
Ken suggested removing or commenting out the following lines: if (tlsonly) { off |= SSL_OP_NO_SSLv2; off |= SSL_OP_NO_SSLv3; } I am wondering exactly what effect this will have on us... how does this affect clients that *do* TLS just fine, such as Mulberry, for instance? Would the other clients still use TLS and Eudora use SSLv3? For my next question, I am curious if there is a way to turn off the STARTTLS capability on the main imap port, but still allow the use of the alternate IMAP SSL port. I don't see this capability in the server, appearing to be an all or nothing type thing based onthe tls options listed in the imapd.conf file. Using stunnel to wrap imap on an imaps port is not really an option here, but I know that is one way to do it. Thanks, Scott -- +-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+ Scott W. Adkins http://www.cns.ohiou.edu/~sadkins/ UNIX Systems Engineer mailto:[EMAIL PROTECTED] ICQ 7626282 Work (740)593-9478 Fax (740)593-1944 +-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+ CNS, HDL Center, Suite 301, Ohio University, Athens, OH 45701-2979