dovecot: Use a real certificate.

[matthijs/servers/drsnuggles.git] / etc / dovecot / dovecot.conf

diff --git a/etc/dovecot/dovecot.conf b/etc/dovecot/dovecot.conf
index 3feb70fce537ed46a52ab35c84aab9b62a4635b2..00ec7ae6afc0d88def8b844b2669b8586f230b42 100644 (file)
--- a/etc/dovecot/dovecot.conf
+++ b/etc/dovecot/dovecot.conf
@@ -13,9 +13,18 @@
 # configuration of the managesieve plugin/daemon.
 
 
-# We server LDAP and use the deliver Local Delivery Agent
-protocols = imaps lda
-
+# We serve IMAP, IMAPS and use the deliver Local Delivery Agent
+protocols = imap imaps lda
+
+# Allow plaintext auth on non-TLS connections. We don't expose the non-secure
+# imap port 143 to the internet, just locally for the webmail apps. This should
+# therefore not introduce a security issue.
+disable_plaintext_auth = no
+
+# Our SSL private key
+ssl_key_file = /etc/dovecot/ssl/mail.stdout.nl.key
+# The public certificate (including the entire chain to the root)
+ssl_cert_file = /etc/dovecot/ssl/mail.stdout.nl.crt
 
 protocol imap {
   # Enable virtual mailboxes