[Dovecot] SSL only for external connections
Michael M Slusarz
slusarz at curecanti.org
Fri Sep 30 22:39:40 EEST 2011
Quoting Simon Brereton <simon.brereton at buongiorno.com>:
> But the question remains - if only because it's now there - how does
> one limit services effectively in Dovecot. In Courier it was fairly
> easy and well documented. There's no reason for me to offer IMAPS
> or POP3S to localhost (because of the certificate issue) and there's
> also no reason for me to offer POP3 to localhost either.
> For posterity and for my own edification it would be nice to know
> how to do that.
At a minimum, you can't disable TLS. If you disable TLS support in
dovecot, the server is no longer IMAP 4rev1 compliant (see RFC 3501
[6.1.1] - STARTTLS MUST be supported by server).
More information about the dovecot