Skip to content

Brian

← MDaemon Idea Engine

My feedback

1 result found

  1. Add ability to force SSL/TLS connections for all authenticated users

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    2 comments  ·  Welcome to MDaemon Technologies' Suggestion Box » MDaemon  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    under review  ·  AdminArron Caruth (VP of Product Development, Alt-N Technologies) responded

    Hello Brian,

    Thanks for sharing your ideas to force SSL/TLS for all clients. We will look into adding options for force TLS/SSL for IMAP and POP clients in a future version. One option to force POP and IMAP users to use SSL is to only allow the SSL ports for these protocols through the firewall. Another option is to turn off support for plain text passwords. This will force the users to choose a secure means of transmitting the password which are either the use of Cram-MD5 or an SSL/TLS connection. Forcing the use of SSL/TLS on port 25 may result in other servers not being able to send you email, but it is possible to do using the STARTTLS Required List.

    Thanks,

    Arron

    An error occurred while saving the comment
    Brian commented  · 

    This is still something I'd really like to see. When a login is attempted and TLS or SSL is not in use, drop the connection, refuse the login.
    In my company it's a requirement. We can spot the mis-configured IMAP users easily, but finding all of the POP and SMTP users without SSL or TLS is difficult and time-consuming, and has to be repeated every couple of weeks.
    I've looked at forcing ports but it is problematic for several reasons.
    I'd even settle for a report at this point.

    Brian supported this idea  · 
    Brian shared this idea  · 

Feedback and Knowledge Base

(thinking…)