[Dovecot] Dovecot with sasl/imaps/postfix and thunderbird

Stan Hoeppner stan at hardwarefreak.com
Thu Mar 14 02:27:08 EET 2013

On 3/13/2013 8:01 AM, Phil Turmel wrote:
> On 03/13/2013 01:51 AM, Stan Hoeppner wrote:
>> On 3/13/2013 12:00 AM, Alex wrote:
>> I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without
>> first accepting the self signed cert.
>>> I'm really hoping someone can help me to clarify more specifically
>>> what's going on here.
>> You've already clarified it.  You simply can't do account auto
>> configuration with a self signed cert, at least not with a vanilla TB
>> setup.  The only possible solution I can think of would be to preload
>> the user profile with the certificate.  I don't know how you'd do this.
>>  I think you have some research ahead of you.
> It's relatively easy.  On first starting TB with no account, cancel the
> wizard.  The use "Edit" -> "Preferences" or "≡" -> "Options..." ->
> "Options..." to get to TB's configuration pages.  There, use "Advanced"
> -> "Certificates" -> "View Certificates" -> "Servers" and finally
> "Import..."
> After you've imported the needed cert, you can re-open the wizard with
> "Create new account".
> You can also use this method to import a self-signed certificate
> authority if you want to run your own signing operation.

How does he do this at scale Phil?

That's what I was commenting on.  Importing the cert manually into each
client profile probably isn't a realistic option here.

Alex is not a sysadmin but a solutions provider.  He needs to drop the
server in place and get out with minimal fuss, and without walking
around to each user desktop at his clients' sites.  Which is why Alex
wanted to use auto configuration to begin with, I'd guess.

So assuming these are MS Windows desktops, I'd think he'd need to use
one of the Windows specific deployment tools to preload each user
profile with the cert.  That's why I said he had some research ahead of
him.  Unless someone here has that answer at hand.


More information about the dovecot mailing list