|
|
@@ -12,6 +12,11 @@ SMTP. TLS is able to be enabled on a per-service basis as well.
|
|
|
Unless the administrator changes the authentication methods, SquirrelMail
|
|
|
will default to the "classic" plaintext methods, without TLS.
|
|
|
|
|
|
+Note: There is no point in using TLS if your IMAP server is localhost. You need
|
|
|
+root to sniff the loopback interface, and if you don't trust root, or an attacker
|
|
|
+already has root, the game is over. You've got a lot more to worry about beyond
|
|
|
+having the loopback interface sniffed.
|
|
|
+
|
|
|
REQUIREMENTS
|
|
|
------------
|
|
|
|
|
|
@@ -23,7 +28,7 @@ CRAM/DIGEST-MD5
|
|
|
|
|
|
TLS
|
|
|
* SquirrelMail 1.3.3 or higher
|
|
|
-* PHP 4.3.0 or higher
|
|
|
+* PHP 4.3.0 or higher (Check Release Notes for PHP 4.3.x information)
|
|
|
* The "STARTTLS" command is NOT supported. The server you wish to use TLS
|
|
|
on must have a dedicated port listening for TLS connections. (ie. port
|
|
|
993 for IMAP, 465 for SMTP)
|
tassium