Mailing List CGatePro@mail.stalker.com Message #106886
From: Technical Support support@stalker.com <CGatePro@mail.stalker.com>
Subject: Re: How can I force all users to use encryption ?
Date: Mon, 9 Jul 2018 14:47:00 +0300
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
Hello,

On 2018-07-09 14:08, Sérgio Araújo sergio@3gnt.net wrote:
Greetings,

What options must I change on the CommuniGate Pro administration interface to force all users to use encryption, on all protocols (POP, IMAP, SMTP, LDAP, HTTP, etc..) ?

I can't just disable ports 110 (POP) and 143 (IMAP), since I want STARTTLS on those ports.

I can't also disable port 25, since it's used for receiving email from external domains, and some of them may not support encryption. I want to be able to receive unencrypted email from those external domains, must I want to force internal users to use STARTTLS on port 25.

I want to make sure there's absolutely no way the user's passwords can't be captured.

Nothing can stop a client/user to send a password in clear in a cleartext connection. The server may only to refuse logins with cleartext login attempts despite of the correct password sent.

In CGPro 6.2 in the "Login Securely" account setting there's the option to require TLS - that means that the server will require authentication to be done in a connection that was secured with TLS. That applies to all protocols.

[]

--
Best regards,
Dmitry Akindinov

=======================================================================
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your
reply.
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster