30 Июль 2003 13:21, Вы написали: > At 10:54 +0200 tsg wrote: > >You can have a look here www.bugalux.com/mbman/ (do not forget last > > slash!) there are conf files for all applications to build a secure mail > > server. User can connect to Cyrus-IMAP only imaps/pop3s ports. All > > connects without encryption refused. > > ..and those using TLS also refused. This isn't good enough I'm > afraid--sorry. I need access to port 143 for modern clients to work > properly. > In my conf file imapd.conf there is nothing about to refuse TLS encrypted connection, there line to refuse connection if ssf < 128, so all mail cients which is able to establish tls connection should be allowed.
> I forgot to say that at present we still need the use of the PLAIN > mechanism. Is it possible to only accept PLAIN (and LOGIN, for that > matter) after TLS or on the imaps port? PLAIN (LOGIN) ower SSL/TLS is considered as secure. > > >Web-mail. Squiremail (version 1.4 and above) can connect to IMAP also > > using SSL channel. Horde also. So you do not need any exception for > > localhost. Jast place your webmail package under https tree in Apache. > > No. > > Squirrelmail requires PHP 4.3 (as I said in my original mail) for this to > work. Placing it on an https server doesn't affect the IMAP traffic! I am afraid, yes. You can compile it as loadable module to apache. > > Matt
