OS type and version: CentOS Linux 7.9.2009
Webmin version: 1.981
Virtualmin version: 6.17 Pro
Hi everyone,
I have recently started to migrate to a new server from a legacy (CentOs 5) . The reason it took so long is a long story.
Some of the clients hosted on the new server include some that still have legacy software which they will have great difficulty updating and that includes their email client. Obviously, the new server wants to only use secure methods (SSL etc) for email connecting but that change is very difficult or even impossible for some. I know it is not best practice but I need to allow plain text login for email but, of course the server will not allow that. I guess I could remove the LetsEncrypt cert. but would prefer to leave that and set up to allow plain text login. So, is it possible to leave the cert. in place but allow plain text when the email client attempt that? Effectively allowing the email client to chose whether or not to use plain text passwords.
Pretty sure it’s already allowed and already doing what you’ve asked for. Postfix definitely does not require encryption on the traditional SMTP port, it uses opportunistic encryption (if the client can support it, it’ll enable it).
Looks like maybe Dovecot needs a minor tweak to allow pop3 and imap instead of just pop3s and imaps. On CentOS, that’s probably changing /etc/dovecot/conf.d/10-ssl.conf to have ssl = yes rather than ssl = required.
Removing the certificate will just break all connections, it will not allow unencrypted connections. The existence of a certificate doesn’t configure the services for TLS (or not).
So, you could do that, but you definitely should not, as it will not do anything good or useful to your goals.