Hi there. I understand that the default for "allowplaintext" is now off in 2.3.9, which seems like a perfectly fine change.
However, I'm also noticing a behavioural change when allowplaintext is enabled. With 2.3.8 and "allowplaintext" on, PLAIN and LOGIN methods were only explicitly offered when a secure connection was present. I've upgraded to 2.3.9 (via Simon's RPM) and now "AUTH=PLAIN AUTH=LOGIN" are immediately offered even when no TLS/SSL encryption is enabled. Was this an intentional change? Nels Lindquist ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
