Assuming that you want to prevent plaintext passwords from being transmitted in the clear, set the following in imapd.conf:
allowplaintext: no
Whoops, totally missed that. For some reason I believed that this would kill the PLAIN and LOGIN authentication methods totally. I stand corrected. This appears to do exactly what I want.
--Rob Siemborski <[EMAIL PROTECTED]> wrote:
I'm not sure what you mean here? Do you mean you want your webmail client to NOT use STARTTLS and your other clients to be forced to use it?
This wasn't actually my original question, but if I set allowplaintext to no, my webmail no longer is able to connect (as it wants an unencrypted connection). So, I'll ask a more complicated question:
Can I selectively allow 127.0.0.1 to connect plaintext? Alternately, can I allow port X to be plaintext (and limited via tcpwrappers) and have port Y be no plaintext? Hopefully I'm not being too confusing.
Daniel
