1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

unable to force IMAP to use TLS

Discussion in 'Plesk for Linux - 8.x and Older' started by whitecurve, Nov 12, 2005.

  1. whitecurve

    whitecurve Guest

    I've been experimenting with trying to forcing users to use TLS when they access their mail via IMAP:143 but have come across some very strange behaviour.

    I discovered that to force TLS I just have to change the variable IMAP_TLS_REQUIRED to 1.
    This variable lives in /usr/lib/courier-imap/etc/imapd-ssl or /etc/courier-imap/imapd-ssl on a 7.5.4 box.

    In theory with this variable set courier should only allow users to login when they use TLS.

    Unfortunately after making IMAP_TLS_REQUIRED=1 all my mailclients hang. So then I checked the logs and discovered that the daemon is logging in ok but its trying to read "maildir=/root" rather then "maildir=/var/qmail/mailnames/DOMAINNAME/USERNAME/Maildir".

    Even stranger is that if i set IMAP_TLS_REQUIRED=0 and force the client to use TLS courier works fine and reads the correct maildir.

    In the end i have just left things like that and told my clients that for the best security they SHOULD use TLS but it seems I cant enforce this.

    Can anyone from plesk shed some light on this?
  2. phoenixisp

    phoenixisp Silver Pleskian

    Feb 2, 2002
    Likes Received:
    Two threads on the same problem? Not nice or proper!!