IRedMail/FAQ/Allow.Insecure.POP3.IMAP.Connection.without.STARTTLS

From iRedMail
(Difference between revisions)
Jump to: navigation, search
 

Latest revision as of 08:00, 26 September 2013

Since iRedMail-0.8.0, all clients are forced to use IMAPS and POPS (via STARTTLS) for better security by default. If your mail clients try to access mailbox via protocol POP3 (port 110) or IMAP (port 143) withourt TLS support, you will get error message like below:

Plaintext authentication disallowed on non-secure (SSL/TLS) connections

If you want to enable POP3/IMAPS without STARTTLS, please update below two parameters in dovecot.conf and restart Dovecot service:

File: dovecot.conf
disable_plaintext_auth=no
ssl=yes

Again, it's strongly recommended to use only POP3S/IMAPS for better security.

Default and recommended setting configured by iRedMail is:

File: dovecot.conf
disable_plaintext_auth=yes
ssl=required
Personal tools