2014-10-06 10:49:44 -05:00
|
|
|
# Allow insecure POP3/IMAP/SMTP connections without STARTTLS
|
2014-09-30 19:19:50 -05:00
|
|
|
|
2014-10-06 10:49:44 -05:00
|
|
|
With default iRedMail setting, all clients are forced to use POP3/IMAP/SMTP
|
|
|
|
|
services over STARTTLS for for better security by default. If your mail clients
|
|
|
|
|
try to access mailbox via protocol POP3 (port 110) or IMAP (port 143) without
|
|
|
|
|
TLS support, you will get error message like below:
|
2014-09-30 19:19:50 -05:00
|
|
|
|
|
|
|
|
```
|
|
|
|
|
Plaintext authentication disallowed on non-secure (SSL/TLS) connections
|
|
|
|
|
```
|
|
|
|
|
|
2014-10-06 10:49:44 -05:00
|
|
|
## Allow insecure POP3/IMAP connections
|
|
|
|
|
|
2014-09-30 19:19:50 -05:00
|
|
|
If you want to enable POP3/IMAPS without STARTTLS for some reason (again, not
|
|
|
|
|
recommended), please update below two parameters in Dovecot config file
|
|
|
|
|
`dovecot.conf` and restart Dovecot service:
|
|
|
|
|
|
|
|
|
|
* on Linux and OpenBSD, it's `/etc/dovecot/dovecot.conf`
|
|
|
|
|
* on FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
disable_plaintext_auth=no
|
|
|
|
|
ssl=yes
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Again, it's strongly recommended to use only POP3S/IMAPS for better security.
|
|
|
|
|
|
|
|
|
|
Default and recommended setting configured by iRedMail is:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
disable_plaintext_auth=yes
|
|
|
|
|
ssl=required
|
|
|
|
|
```
|
2014-10-06 10:49:44 -05:00
|
|
|
|
|
|
|
|
## Allow insecure SMTP connection
|
|
|
|
|
|
|
|
|
|
Please comment out below line in Postfix config file `/etc/postfix/main.cf`
|
|
|
|
|
and reload or restart Postfix service:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
smtpd_tls_auth_only=yes
|
|
|
|
|
```
|
