2014-09-30 19:19:50 -05:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
2014-10-06 10:49:44 -05:00
< title > Allow insecure POP3/IMAP/SMTP connections without STARTTLS< / title >
2014-09-30 19:19:50 -05:00
< link href = "./css/markdown.css" rel = "stylesheet" > < / head >
< / head >
< body >
< div id = "navigation" >
< a href = "http://www.iredmail.org" target = "_blank" > iRedMail web site< / a >
// < a href = "./index.html" > Document Index< / a >
2014-10-06 10:49:44 -05:00
< / div > < h1 id = "allow-insecure-pop3imapsmtp-connections-without-starttls" > Allow insecure POP3/IMAP/SMTP connections without STARTTLS< / h1 >
< p > With default iRedMail setting, all clients are forced to use POP3/IMAP/SMTP
2014-10-07 01:24:53 -05:00
services over STARTTLS for secure connections. If your mail clients
2014-10-07 01:19:38 -05:00
try to access mailbox via protocol POP3/IMAP without TLS support, you will
get error message like below:< / p >
2014-09-30 19:19:50 -05:00
< pre > < code > Plaintext authentication disallowed on non-secure (SSL/TLS) connections
< / code > < / pre >
2014-10-06 10:49:44 -05:00
< h2 id = "allow-insecure-pop3imap-connections" > Allow insecure POP3/IMAP connections< / h2 >
2014-10-07 01:19:38 -05:00
< p > If you want to enable POP3/IMAP services without STARTTLS for some reason
(again, not recommended), please update below two parameters in Dovecot config
file < code > /etc/dovecot/dovecot.conf< / code > and restart Dovecot service:< / p >
2014-09-30 19:19:50 -05:00
< ul >
< li > on Linux and OpenBSD, it's < code > /etc/dovecot/dovecot.conf< / code > < / li >
< li > on FreeBSD, it's < code > /usr/local/etc/dovecot/dovecot.conf< / code > < / li >
< / ul >
< pre > < code > disable_plaintext_auth=no
ssl=yes
< / code > < / pre >
< p > Again, it's strongly recommended to use only POP3S/IMAPS for better security.< / p >
< p > Default and recommended setting configured by iRedMail is:< / p >
< pre > < code > disable_plaintext_auth=yes
ssl=required
2014-10-06 10:49:44 -05:00
< / code > < / pre >
< h2 id = "allow-insecure-smtp-connection" > Allow insecure SMTP connection< / h2 >
< p > Please comment out below line in Postfix config file < code > /etc/postfix/main.cf< / code >
and reload or restart Postfix service:< / p >
< pre > < code > smtpd_tls_auth_only=yes
2014-09-30 19:19:50 -05:00
< / code > < / pre > < br / > < p > If you found something wrong in this document, please do < a href = "http://www.iredmail.org/contact.html" > contact us< / a > to fix it.< / p > < / body > < / html >