Sebastian Hagedorn wrote:
Looking at the imapd.conf just now does make me wonder why sasl even allows pop3 plaintext logins without TLS with sasl_minimum_layer set to 256...Probably "allowplaintext" overrides that.
Good question - anybody know more? Which value do I set then to force TLS but allow plain?
Either make SASL use /dev/urandom or disable APOP: allowapop: 0
Both are already set like that :-( Martin
