1. Comment by Ian

    Thanks for posting this. I managed to reduce some of the level 3 warning on my Qualys check after this.

    How did you get rid of any port 993/995’s warnings?

  2. Comment by Avinesh

    Sorry for the long delay.

    1. The key is to edit /etc/courier-imap/imapd-ssl.
    2. Look for the following two lines:
    IMAPDSSLSTART=YES
    IMAPDSTARTTLS=YES
    3. Change those lines to read NO.
    4. Edit /etc/courier-imap/pop3d-ssl in the same manner.
    5. Restart the courier-imap daemon: service courier-imap restart
    6. Voila, fixed :-)

  3. Comment by Avinesh

    However, if you ARE using IMAP or POP3 over SSL with TLS, I would recommend updating the aforementioned files to use the strong TLS cipher set mentioned in the blog post.

(Close inline comments) (Respond now)