From b2865e35b1135e99b1ebad232c0b44fd11b84a11 Mon Sep 17 00:00:00 2001
From: brody <brody_ross@yahoo.com>
Date: Sat, 24 Nov 2018 04:49:57 +0100
Subject: [PATCH] Update debian_dovecot.conf.master This has to be done because
 Dovecot (now) uses SSL as default. You probably want to switch this back to
 "yes" or other options afterward.

---
 install/tpl/debian_dovecot.conf.master | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/tpl/debian_dovecot.conf.master b/install/tpl/debian_dovecot.conf.master
index 070e6dde3..31c114715 100644
--- a/install/tpl/debian_dovecot.conf.master
+++ b/install/tpl/debian_dovecot.conf.master
@@ -51,7 +51,7 @@ listen = *,[::]
 # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
 # matches the local IP (ie. you're connecting from the same computer), the
 # connection is considered secure and plaintext authentication is allowed.
-disable_plaintext_auth = no
+disable_plaintext_auth = yes
 
 # Should all IMAP and POP3 processes be killed when Dovecot master process
 # shuts down. Setting this to "no" means that Dovecot can be upgraded without
@@ -818,7 +818,7 @@ auth default {
   # Space separated list of wanted authentication mechanisms:
   #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
   # NOTE: See also disable_plaintext_auth setting.
-  mechanisms = plain login
+  mechanisms = plain login digest-md5 cram-md5
 
   #
   # Password database is used to verify user's password (and nothing more).
-- 
GitLab