similar to: Looking for HOWTO for fc18 with postfix/TLS/imaps

Hi, I have an fc18 system with postfix and dovecot-2.1.13 and have configured them to use sasl for SMTP Auth and Maildir with imaps. The system is running now, so I'm trying to set up thunderbird to autodetect all settings during the initial account setup. However, it seems to want to use port 143 and STARTTLS, and not port 993, which is what I would expect. When I force it to use 993, I

hey friends, I am trying to secure my mail server.I have enabled TLS support in postfix(version postfix-2.1.5), now I am trying to configure squirrelmail(version 1.4.4-1 rpm) for tls/ssl support.In config.php i have choosen use_imap_tls=true and use_smpt_tls=true. Moreover If I send any mail from squirrelmail there are no entries for ssl or tls in maillogs whereas If I send the mail through

I'm testing my new dovecot server with Thundirbird I can have it working on port 143 with STARTTLS, or on port 993 with SSL/TLS my uderstanding is that on 993 I get encrypted 'password and mail transfer' (yes ?) so what happens if I use 143 with STARTTLS, is that equivalent to port 993 if STARTTLS is used ? thanks for any insights.. -- Voytek

I'm trying to adapt http://wiki2.dovecot.org/HowTo/ImapcProxy to our Exchange Server, which has LOGINDISABLED on Port 143, and I offering LOGIN on Port 993. How do I go about this? Simply changing imapc_port to: imapc_port = 993 doesnt work: Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS

I asked a user today to make sure his incoming and outgoing email was using TLS. He told me it wasn't possible because my Dovecot / Postfix daemons were only listening on TCP 25 & 143 according to a port scan he did. He told me the only way I could enable encrypted secure sessions between the client & server is to enable port 993 (IMAPs). I told him that TLS is supported on my mail

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi, i've built dovecot latest cvs on OSX 10.4.7. i'm making a 1st attempt @ trying/failing to get TLS operation up-n-running ... my install's OK: Install prefix ...................... : /usr/local/dovecot File offsets ........................ : 64bit I/O loop method ..................... : poll File change notification method

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 11 Dec 2014, Wayne Andersen wrote: > Log onto incoming mail server (IMAP): A secure connection to the server > cannot be established. > > I have set the port to 143,993,995 none of them work, and the security to > TLS. 993 is IMAP-over-SSL, which is probably not named "TLS", but "SSL" in Outlook. Usually

Hello, I'm providing IMAP+Starttls on port 143 for users with legacy MUA. So I've to enable TLS1.0 up to TLS1.3 For IMAPS / port 993 I like to enable TLS1.2 and TLS1.3 only. Is this possible with dovecot-2.2.36 / how to setup this? Thanks for suggestions, Andreas

On Mon, 21 Aug 2017, Sebastian Arcus wrote: > > On 21/08/17 10:37, Gedalya wrote: > > On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote: > > > is there a 'preferred way'? should I tell users to use 143 over 993 ? or > > > 993 over 143? or? > > There is no concrete answer. There are various opinions and feelings about > > this. > > The

hi, i'm using dovecot 1.2.15 with self signed certificates using starttls on ports 110/143 works ok with thunderbird 10.0.12 (and i guess most other clients) using imaps on port 993 works with outlook 2002. with thunderbird 10.0.12 i can't connect to port 993 and get errors in the logs like TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad

Am 14.11.18 um 20:22 schrieb Aki Tuomi: > Not possible I'm afraid. Hello Aki, is it not possible in 2.2.36 or not possible at all? I stumbled upon RFC 8314 *) and I found it a welcome option to enforce more modern protocols/ciphers. IMAPS/SUBMISSIONS aren't used widely (at least to my knowlege, many postmaster used to configure IMAP+SUBMISSION and STARTTLS) Switching Clients to

On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote: > is there a 'preferred way'? should I tell users to use 143 over 993 ? or > 993 over 143? or? There is no concrete answer. There are various opinions and feelings about this. The opinion againt 993/995 is that these are not standard ports, and there is no need to allocate new ports for the secure version of each protocol since we

Hi, TLS on imap port 143 works. But if I try TLS on managesieve port 4190, I get no connection. Dec 12 21:16:10 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, secured Dec 12 21:16:20 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, TLS handshaking: Disconnected # gnutls-cli

just setting a new Dovecot server to migrate from older system, but, I have a general question: 1. I've set the server with self issued cert, and both pop/imap StartTLS/110/143 SSL/993/995 (apologies if I'm using wrong naming terminology) is there a 'preferred way'? should I tell users to use 143 over 993 ? or 993 over 143? or? my current understanding is that some (MS?)

Hi List, I have a postfix server based on CentOS 5 in which I have been trying to add TLS encryption support for SMTP. From the localhost when I do an EHLO, following is the output [root at xxxxxxx ~]# nc localhost 25 220 xxxxxxx.xxxx.xxx.xx ESMTP Postfix EHLO localhost 250-xxxxxxx.xxxx.xxx.xx 250-PIPELINING 250-SIZE 41943040 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN

> On November 14, 2018 at 12:46 PM "A. Schulze" <sca at andreasschulze.de> wrote: < > I stumbled upon RFC 8314 *) and I found it a welcome option to enforce more modern protocols/ciphers. > IMAPS/SUBMISSIONS aren't used widely (at least to my knowlege, many postmaster used to configure IMAP+SUBMISSION and STARTTLS) "IMAPS" has been used forever. Every

On Wed, 14 Nov 2018, Aki Tuomi wrote: >> I'm providing IMAP+Starttls on port 143 for users with legacy MUA. So >> I've to enable TLS1.0 up to TLS1.3 For IMAPS / port 993 I like to >> enable TLS1.2 and TLS1.3 only. >> >> Is this possible with dovecot-2.2.36 / how to setup this? > > Not possible I'm afraid. ("Not possible" = challenge!)

Hello, i'm test system dovecot (proxy with director) and backend storage, auth LDAP server (user plain passwords) If i use plain auth, work fine. If connect DIGEST-MD5 or CRAM-MD5 proxy not redirect connection (Requested DIGEST-MD5 scheme, but we have a NULL password) ### Frontend proxy+director # dovecot -n # 2.2.19: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 10.2-RELEASE amd64

Hi all, Is there a way to enforce STARTTLS for all connections, regardless their authentication mechanism? disable_plaintext_auth only takes care of the auth conversation, but I would like to have all communication encrypted. As far as I can see, this would only be possible when using imaps and disabling imap. However, I would like to have the other way around; disabling imaps and using imap for

Hi, I have a postfix+dovecot-2.2.13 system and have configured it to support IMAPS on 993 with SSL/TLS. I'm noticing with users using Thunderbird, the autodetect defaults to IMAPS on 143 with STARTTLS. Which is preferred? Which is more secure? Which is more common? Why would someone choose one over the other? Can I ask the same question about SMTP and submission? Why would one choose 587