Minor Bug in service monitor?

[teves]

Hello,

I think I discovered a small bug in the service monitor, but you might also call it a configuration error, so I have to ask:

For the mail server I only want to allow encrypted connections (STARTTLS). So at first I put the line
ssl = required
into my dovecot.conf.
But this configuration did only work for the IMAP connection seemingly, not for POP3.

So I have disabled the unencoded pop3 protocol by changing the line
protocols = imap imaps pop3 pop3s
to
protocols = imap imaps pop3s

Now the connections are secure, but the service monitor tells me that the pop3 service is not available. I am sure it works, for I have created a mailbox to test it.

I see that all this happens because I use a workaround, but on the other hand the service is working and ISPConfig tells me it's not. Bug? :-)

Regards,
Tom

[till]

ISPconfig checks if a pop3 and imap service is listening on the default port on localhost. If you disabled pop3 or imap in dovecot.conf, then ther is no such service at localhost and the monitor is showing it as offline.

Reconfigure dovecot.conf and set it back to

protocols = imap imaps pop3 pop3s

If you want to disallow connections to pop3 or imap, then close the ports in the firewall.

[teves]

Hi Till,

thanks for your reply, but I am not sure if this is a good solution, I'm afraid. I do think so because of the following line from the dovecot wiki:

Clients using STARTTLS work by connecting to the regular unencrypted port and immediately issue a STARTTLS command, after which the session is encrypted. After SSL handshake there is no difference between SSL port initiated connections and STARTTLS initiated connections.

(for the complete paragraph about SSL/TLS see http://wiki2.dovecot.org/SSL)

In other words: if I blocked the ports with the firewall, the STARTTLS concept would be useless.
At least this is how I understand it. Or am I wrong?

Regards, Tom