On Mon, Jul 13, 2009 at 10:28 AM, Eden Caldasedencaldas@gmail.com wrote:
First you have to inform the imap server you are using.
If it's dovecot, you can use the following:
disable_plaintext_auth = yes
I have "disable plaintext_auth = no"
I don't want to disable plain text but I do have TLS as an option if you wish to set up your client to use it. My question is how do I force RC as the client to use TLS when users are connecting to Dovecot? If I set 'plaintext_auth = no", then users who have no TLS configuration in Outlook or Thunderbird fail to retrieve their email. I don't want to do that. Just have the option of using it if it's available (which it is).
and it will only allow plaintext auth coming from localhost, which is good idea if your webmail is hosted in the same machine.
My RC / Webmail server is not the same (localhost) as my IMAP (Dovecot) server.
This way roundcube authenticates (localhost to localhost) without encryption and all other hosts must use TLS otherwise are rejected.
List info: http://lists.roundcube.net/users/