r-raymond / nixos-mailserver

A complete and Simple Nixos Mailserver
GNU General Public License v3.0

How to disable insecure IMAP access #63

Closed katyo closed 6 years ago

katyo commented 6 years ago

Is there a way to disallow users' non-SSL/TLS connections to the IMAP server? I mean, how to allow only STARTTLS on port 143. Or I would like to disable port 143 altogether.

r-raymond commented 6 years ago

Hi, port 143 is the IMAP STARTTLS port. Dovecot is configured to not allow login without a TLS session. Here is my example session:

Trying 192.168.56.101...
Connected to 192.168.56.101.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready.
a login user pass
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed.
a NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections.

So the default is already what you want.

If you want to turn off IMAP altogether, you can set enableImap = false. To turn off IMAPS, you can use enableImapSSL.

I hope this works for you!
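As an added example (not part of the original thread or of the nixos-mailserver project), the following Python checks what an IMAP server advertises on port 143 before TLS, using the greeting from the session above. The weak greeting, the function names and the `fetch_capabilities` helper are constructed for illustration.

```python
import re
import socket

# Greeting copied from the session above (port 143, before STARTTLS).
GREETING_HARDENED = (b"* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS "
                     b"ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready.\r\n")
# Constructed counter-example: a server that offers cleartext logins.
GREETING_WEAK = b"* OK [CAPABILITY IMAP4rev1 IDLE AUTH=PLAIN AUTH=LOGIN] ready.\r\n"

CLEARTEXT_MECHS = {"AUTH=PLAIN", "AUTH=LOGIN"}


def parse_capabilities(line: bytes) -> set:
    """Return capability atoms from a greeting or an untagged CAPABILITY reply."""
    text = line.decode("ascii", "replace")
    m = (re.search(r"\[CAPABILITY ([^\]]*)\]", text, re.I)
         or re.match(r"\* CAPABILITY (.*)", text, re.I))
    return {atom.upper() for atom in m.group(1).split()} if m else set()


def assess_plaintext_port(caps: set) -> list:
    """List the ways a pre-TLS capability set leaves cleartext credentials possible."""
    findings = []
    if "STARTTLS" not in caps:
        findings.append("STARTTLS not offered: the session cannot be upgraded")
    if "LOGINDISABLED" not in caps:
        findings.append("LOGINDISABLED missing: LOGIN is not disabled before TLS")
    mechs = sorted(caps & CLEARTEXT_MECHS)
    if mechs:
        findings.append("cleartext SASL offered before TLS: " + ", ".join(mechs))
    return findings


def fetch_capabilities(host: str, port: int = 143, timeout: float = 5.0) -> set:
    """Read the pre-TLS capabilities from a server you administer."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("rwb")
        caps = parse_capabilities(stream.readline())
        if not caps:  # greeting carried no capability list, ask explicitly
            stream.write(b"a1 CAPABILITY\r\n")
            stream.flush()
            caps = parse_capabilities(stream.readline())
        stream.write(b"a2 LOGOUT\r\n")
        stream.flush()
        return caps


if __name__ == "__main__":
    for name, greeting in (("hardened", GREETING_HARDENED), ("weak", GREETING_WEAK)):
        print(name, assess_plaintext_port(parse_capabilities(greeting)) or "ok")
```

An empty findings list for port 143 corresponds to the default behaviour shown in the session: STARTTLS is offered and LOGIN is disabled until the connection is encrypted.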

katyo commented 6 years ago

@r-raymond: OK, thanks for the explanation