Courier-imaps using TLS or SSLv3 ?
Hello,
I have a courier imap (& courier imap-ssl) server for 30 email accounts with a lot of usage and the people that use them log in regularly from a lot of different places like home, university, work, wi-fi on cafeteria etc..
1) Well one thing is that the email password is the the same for shell access. I have denied to some of them shell access by setting their shell to /bin/false. Should this be set to /bin/nologin to deny shell usage and login or /bin/false is OK ?
2) I have written for the email users some intructions on how to use Thunderbird.
I set the security to connect to the server as TLS. Not TLS if available, but TLS.
Problem is that I saw that google uses instead of TLS SSL ( v3 I suppose) and that got me into some thinking !
Of course I could run both but is there any risk with TLS instead of SSLv3 ? Should I prefer SSLv3 for logins instead of TLS ?
In the courier imam-ssl configuration file, option IMAP_TLS_REQUIRED is set to 0 because it doesn't allow logins from the web interface that we use to access the e-mail which I don't administrate neiher host.
This web interface allows the usage of https to login.
|