Re: dovecot security
On Tue, 19 Oct 2010 16:24:29 -0400, Rob Owens wrote:
> On Sun, Oct 17, 2010 at 05:56:40PM +0000, Camaleón wrote:
>> Plaintext Authentication
> Thanks for those links. I had a quick look at my config files again,
> and they seem to allow plaintext authentication (which I don't want).
> However, Icedove gives me an error when I try to connect without TLS or
> SSL. This is good, but I want to make sure that it is dovecot that is
> refusing to cooperate with plaintext connections.
Check Dovecot's log files. What error are you getting? :-?
>> _Both_ will secure your data, but with the "auto-signed-own-generated"
>> ones, you'll get a "cosmetic" error.
> Thanks. I just wanted to make sure that my auto-generated SSL cert was
> in fact auto-generated, and not just a default cert that *everybody*
> gets when they install dovecot.
Hum... probably Dovecot provides a script for users to make (and
customize) their own certificates but the templates will be the same for