Closed jkroonza closed 1 year ago
tlsrequired() gets called only if have_starttls(), which checks IMAP_STARTTLS. The startup script sets IMAP_STARTTLS only on port 143, and not on 993, so this shouldn't matter, but it does no harm...
We're configured with both explicit TLS (connect to port and start TLS directly) and STARTTLS (connect on non-TLS port then issue STARTTLS), and our experience was that enabling TLS_REQUIRED prevented clients connecting explicitly to TLS from authenticating. Perhaps the STARTTLS setting should then be explicitly disabled in the case of _TLS already being set during startup ...
Thanks for merging.
*_TLS_REQUIRED configuration options.