On Friday 27 Jan 2006 14:25, mickael.choisnard@free.fr wrote:

Hi, I use dovecot (pop) with gentoo but it's not securize.

Debian Sarge has these options in the default conf file. Should get you started.

Disable SSL/TLS support.

#ssl_disable = no

PEM encoded X.509 SSL/TLS certificate and private key. They're opened before

dropping root privileges, so keep the key file unreadable by anyone but

root.

#ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem

SSL parameter file. Master process generates this file for login processes.

It contains Diffie Hellman and RSA parameters.

#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat

How often to regenerate the SSL parameters file. Generation is quite CPU

intensive operation. The value is in hours, 0 disables regeneration

entirely.

#ssl_parameters_regenerate = 24