• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Unable to force IMAP to use TLS

W

whitecurve

Guest
I've been experimenting with trying to forcing users to use TLS when they access their mail via IMAP:143 but have come across some very strange behaviour.

I discovered that to force TLS I just have to change the variable IMAP_TLS_REQUIRED to 1.
This variable lives in /usr/lib/courier-imap/etc/imapd-ssl or /etc/courier-imap/imapd-ssl on a 7.5.4 box.

In theory with this variable set courier should only allow users to login when they use TLS.

Unfortunately after making IMAP_TLS_REQUIRED=1 all my mailclients hang. So then I checked the logs and discovered that the daemon is logging in ok but its trying to read "maildir=/root" rather then "maildir=/var/qmail/mailnames/DOMAINNAME/USERNAME/Maildir".

Even stranger is that if i set IMAP_TLS_REQUIRED=0 and force the client to use TLS courier works fine and reads the correct maildir.

In the end i have just left things like that and told my clients that for the best security they SHOULD use TLS but it seems I cant enforce this.

Can anyone from plesk shed some light on this?
 
Back
Top