2016-05-19 06:51:20 -05:00
<!DOCTYPE html>
2014-09-30 19:19:50 -05:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
2014-10-06 10:49:44 -05:00
< title > Allow insecure POP3/IMAP/SMTP connections without STARTTLS< / title >
2015-07-31 23:14:52 -05:00
< link rel = "stylesheet" type = "text/css" href = "./css/markdown.css" / >
2014-09-30 19:19:50 -05:00
< / head >
< body >
2019-07-13 06:21:55 -05:00
2014-09-30 19:19:50 -05:00
< div id = "navigation" >
2017-11-16 21:48:44 -06:00
< a href = "https://www.iredmail.org" target = "_blank" >
2016-04-19 12:48:51 -05:00
< img alt = "iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>
< span > iRedMail< / span >
< / a >
2016-05-24 21:50:49 -05:00
// < a href = "./index.html" > Document Index< / a > < / div > < div class = "admonition note" >
2019-09-05 22:38:58 -05:00
< p class = "admonition-title" > This tutorial is available in other languages. < a href = "https://github.com/iredmail/docs" > Help translate more< / a > < / p >
2016-05-24 21:50:49 -05:00
< p > < a href = "./allow.insecure.pop3.imap.smtp.connections-it_IT.html" > Italiano< / a > /< / p >
< / div >
< h1 id = "allow-insecure-pop3imapsmtp-connections-without-starttls" > Allow insecure POP3/IMAP/SMTP connections without STARTTLS< / h1 >
2016-02-22 07:22:43 -06:00
< div class = "toc" >
< ul >
< li > < a href = "#allow-insecure-pop3imapsmtp-connections-without-starttls" > Allow insecure POP3/IMAP/SMTP connections without STARTTLS< / a > < ul >
< li > < a href = "#allow-insecure-pop3imap-connections" > Allow insecure POP3/IMAP connections< / a > < / li >
2017-03-04 21:27:25 -06:00
< li > < a href = "#allow-insecure-smtp-connection-on-port-25" > Allow insecure SMTP connection on port 25< / a > < / li >
2016-02-22 07:22:43 -06:00
< / ul >
< / li >
< / ul >
< / div >
2014-10-06 10:49:44 -05:00
< p > With default iRedMail setting, all clients are forced to use POP3/IMAP/SMTP
2014-10-07 01:24:53 -05:00
services over STARTTLS for secure connections. If your mail clients
2014-10-07 01:19:38 -05:00
try to access mailbox via protocol POP3/IMAP without TLS support, you will
get error message like below:< / p >
2014-09-30 19:19:50 -05:00
< pre > < code > Plaintext authentication disallowed on non-secure (SSL/TLS) connections
< / code > < / pre >
2016-03-03 07:11:33 -06:00
< p > This tutorial describes how to allow insecure connection for daily use.< / p >
< div class = "admonition note" >
< p class = "admonition-title" > Note< / p >
< p > If you just have 1 or few network devices like printer, firewall need to
send email with insecure connection, please follow this tutorial instead:
< a href = "./additional.smtp.port.html" > Allow internal network devices to send email with insecure connection< / a > .< / p >
< / div >
2014-10-06 10:49:44 -05:00
< h2 id = "allow-insecure-pop3imap-connections" > Allow insecure POP3/IMAP connections< / h2 >
2014-10-07 01:19:38 -05:00
< p > If you want to enable POP3/IMAP services without STARTTLS for some reason
(again, not recommended), please update below two parameters in Dovecot config
file < code > /etc/dovecot/dovecot.conf< / code > and restart Dovecot service:< / p >
2014-09-30 19:19:50 -05:00
< ul >
< li > on Linux and OpenBSD, it's < code > /etc/dovecot/dovecot.conf< / code > < / li >
< li > on FreeBSD, it's < code > /usr/local/etc/dovecot/dovecot.conf< / code > < / li >
< / ul >
< pre > < code > disable_plaintext_auth=no
ssl=yes
< / code > < / pre >
< p > Again, it's strongly recommended to use only POP3S/IMAPS for better security.< / p >
< p > Default and recommended setting configured by iRedMail is:< / p >
< pre > < code > disable_plaintext_auth=yes
ssl=required
2014-10-06 10:49:44 -05:00
< / code > < / pre >
2017-03-04 21:27:25 -06:00
< h2 id = "allow-insecure-smtp-connection-on-port-25" > Allow insecure SMTP connection on port 25< / h2 >
2016-06-14 09:49:19 -05:00
< p > Please comment out lines below in Postfix config file < code > /etc/postfix/main.cf< / code >
2014-10-06 10:49:44 -05:00
and reload or restart Postfix service:< / p >
2017-03-04 21:27:25 -06:00
< pre > < code > smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
# force all clients to use secure connection through port 25
#smtpd_tls_auth_only=yes
2016-05-19 06:51:20 -05:00
< / code > < / pre > < div class = "footer" >
2019-09-06 00:54:43 -05:00
< p style = "text-align: center; color: grey;" > All documents are available in < a href = "https://github.com/iredmail/docs/" > BitBucket repository< / a > , and published under < a href = "http://creativecommons.org/licenses/by-nd/3.0/us/" target = "_blank" > Creative Commons< / a > license. You can < a href = "https://github.com/iredmail/docs/archive/master.zip" > download the latest version< / a > for offline reading. If you found something wrong, please do < a href = "https://www.iredmail.org/contact.html" > contact us< / a > to fix it.< / p >
2016-05-19 06:51:20 -05:00
< / div >
2017-11-05 02:33:58 -06:00
<!-- Global site tag (gtag.js) - Google Analytics -->
< script async src = "https://www.googletagmanager.com/gtag/js?id=UA-3293801-21" > < / script >
< script >
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
2015-02-05 07:02:53 -06:00
2017-11-05 02:33:58 -06:00
gtag('config', 'UA-3293801-21');
2014-10-13 19:28:43 -05:00
< / script >
< / body > < / html >