Dovecot plaintext authentication issue on migrating to CentOS 7

I am migrating a Virtualmin Pro server from CentOS 6.7 to 7.

In Dovecot I have: “disable_plaintext_auth = no”. Yet on moving a virtual server over to the new set up Gmail complains:

"Authentication error. Server returned error “[AUTH] Plaintext authentication disallowed on non-secure (SSL/TLS) connections.”

Is there some other setting I need to fix other than Dovecot’s 10-auth.conf?

(I know it would be preferable to force TLS, but most virtual servers do not have their own certificates, and the error messages that would result would confuse our users. Plus, these are low-risk situations).

OK - I think I’ve answered my own question!

Quite oddly (I think), Dovecot (2.2.10) now has TWO places to control this:

  1. 10-auth.conf: “disable_plaintext_auth = no”

  2. 10-ssl.conf: “ssl=no”

(1) does not work unless (2) is set.

I would humbly suggest that Virtualmin should set both flags if allowing non-forcing of SSL/TLS!