2013/3/11 Robert Moskowitz <rgm at htt-consult.com>: > > On 03/11/2013 05:08 AM, Eero Volotinen wrote: >>>> >>>> - Firewall and SELinux should be disabled. >>> >>> Bad advice. >> >> this page also configures unsafe imap and pop settings. People should >> always enable only ssl-enabled versions of imap and pop only. > > > Just don't open those ports. Then they only work locally. For imap, that > works well with the local imap webmail software. > > Why should a local squirelmail or roundcube server have to go through SSL to > the local dovecot server? why not? it is always wise to use encrypted protocols, when possible. -- Eero