27 Jan
2006
27 Jan
'06
2:47 p.m.
On Friday 27 Jan 2006 14:25, mickael.choisnard@free.fr wrote:
Hi, I use dovecot (pop) with gentoo but it's not securize.
Debian Sarge has these options in the default conf file. Should get you started.
Disable SSL/TLS support.
#ssl_disable = no
PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
dropping root privileges, so keep the key file unreadable by anyone but
root.
#ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem
SSL parameter file. Master process generates this file for login processes.
It contains Diffie Hellman and RSA parameters.
#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
How often to regenerate the SSL parameters file. Generation is quite CPU
intensive operation. The value is in hours, 0 disables regeneration
entirely.
#ssl_parameters_regenerate = 24