2014-10-06 10:49:44 -05:00
|
|
|
# Allow insecure POP3/IMAP/SMTP connections without STARTTLS
|
2014-09-30 19:19:50 -05:00
|
|
|
|
2014-10-06 10:49:44 -05:00
|
|
|
With default iRedMail setting, all clients are forced to use POP3/IMAP/SMTP
|
2014-10-07 01:22:31 -05:00
|
|
|
services over STARTTLS for secure connections. If your mail clients
|
2014-10-07 01:19:38 -05:00
|
|
|
try to access mailbox via protocol POP3/IMAP without TLS support, you will
|
|
|
|
|
get error message like below:
|
2014-09-30 19:19:50 -05:00
|
|
|
|
|
|
|
|
```
|
|
|
|
|
Plaintext authentication disallowed on non-secure (SSL/TLS) connections
|
|
|
|
|
```
|
|
|
|
|
|
2014-10-06 10:49:44 -05:00
|
|
|
## Allow insecure POP3/IMAP connections
|
|
|
|
|
|
2014-10-07 01:19:38 -05:00
|
|
|
If you want to enable POP3/IMAP services without STARTTLS for some reason
|
|
|
|
|
(again, not recommended), please update below two parameters in Dovecot config
|
|
|
|
|
file `/etc/dovecot/dovecot.conf` and restart Dovecot service:
|
2014-09-30 19:19:50 -05:00
|
|
|
|
|
|
|
|
* on Linux and OpenBSD, it's `/etc/dovecot/dovecot.conf`
|
|
|
|
|
* on FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
disable_plaintext_auth=no
|
|
|
|
|
ssl=yes
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Again, it's strongly recommended to use only POP3S/IMAPS for better security.
|
|
|
|
|
|
|
|
|
|
Default and recommended setting configured by iRedMail is:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
disable_plaintext_auth=yes
|
|
|
|
|
ssl=required
|
|
|
|
|
```
|
2014-10-06 10:49:44 -05:00
|
|
|
|
|
|
|
|
## Allow insecure SMTP connection
|
|
|
|
|
|
|
|
|
|
Please comment out below line in Postfix config file `/etc/postfix/main.cf`
|
|
|
|
|
and reload or restart Postfix service:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
smtpd_tls_auth_only=yes
|
|
|
|
|
```
|
