Allow disabling STARTTLS

config/default.toml

@@ -70,7 +70,7 @@ bugsnagCode=""
 # @include "sender.toml"
 
 [smtp.setup]
-    # Public configuration for SMTP MDA
-    hostname="localtest.me"
-    secure=false
-    port=2587
+# Public configuration for SMTP MDA, needed for mobileconfig files
+hostname="localhost"
+secure=false
+port=2587

config/imap.toml

@@ -17,6 +17,14 @@ retention=30
 # if `true` then do not autodelete expired messages
 disableRetention=false
 
+# If true, then disables STARTTLS support
+disableSTARTTLS=false
+
+[id]
+#name="Wild Duck IMAP"
+#version="1.0.0"
+#vendor="Wild Duck"
+
 [setup]
 # Public configuration for IMAP
 hostname="localhost"

config/lmtp.toml

@@ -7,6 +7,15 @@ host="127.0.0.1"
 # Max accepted size for messages pushed via LMTP
 maxMB=25
 
+# If true then disables STARTTLS usage
+disableSTARTTLS=false
+
+# Greeting message for connecting client
+banner="Welcome to Wild Duck Mail Server"
+
+# Server hostname. Defaults to os.hostname() if false
+name=false
+
 [tls]
 # If certificate path is not defined, use global or built-in self-signed certs for STARTTLS
 #key="/path/to/server/key.pem"

config/pop3.toml

@@ -8,6 +8,9 @@ host="127.0.0.1"
 # POP3 server is limited and does not support the STLS command
 secure=true
 
+# If true, then do not show server info in CAPA response
+disableVersionString=false
+
 # How many latest messages to list for LIST and UIDL
 # POP3 server never lists all messages but only a limited length list
 maxMessages=250

imap-core/lib/commands/authenticate-plain.js

@@ -14,7 +14,7 @@ module.exports = {
     handler(command, callback, next) {
         let token = ((command.attributes && command.attributes[0] && command.attributes[0].value) || '').toString().trim();
 
-        if (!this.secure && !this._server.options.ignoreSTARTTLS) {
+        if (!this.secure && !this._server.options.disableSTARTTLS && !this._server.options.ignoreSTARTTLS) {
             // Only allow authentication using TLS
             return callback(null, {
                 response: 'BAD',

imap-core/lib/commands/capability.js

@@ -5,9 +5,11 @@ module.exports = {
         let capabilities = [];
 
         if (!this.secure) {
-            capabilities.push('STARTTLS');
-            if (!this._server.options.ignoreSTARTTLS) {
-                capabilities.push('LOGINDISABLED');
+            if (!this._server.options.disableSTARTTLS) {
+                capabilities.push('STARTTLS');
+                if (!this._server.options.ignoreSTARTTLS) {
+                    capabilities.push('LOGINDISABLED');
+                }
             }
         }
 

imap-core/lib/commands/login.js

@@ -18,7 +18,7 @@ module.exports = {
         let username = Buffer.from((command.attributes[0].value || '').toString().trim(), 'binary').toString();
         let password = Buffer.from((command.attributes[1].value || '').toString().trim(), 'binary').toString();
 
-        if (!this.secure && !this._server.options.ignoreSTARTTLS) {
+        if (!this.secure && !this._server.options.disableSTARTTLS && !this._server.options.ignoreSTARTTLS) {
             // Only allow authentication using TLS
             return callback(null, {
                 response: 'BAD',

imap.js

@@ -41,6 +41,7 @@ const onGetQuota = require('./lib/handlers/on-get-quota');
 // Setup server
 const serverOptions = {
     secure: config.imap.secure,
+    disableSTARTTLS: config.imap.disableSTARTTLS,
     ignoreSTARTTLS: config.imap.ignoreSTARTTLS,
 
     id: {

lmtp.js

@@ -41,12 +41,12 @@ const serverOptions = {
         }
     },
 
-    name: false,
+    name: config.lmtp.name || false,
 
     // not required but nice-to-have
     banner: config.lmtp.banner || 'Welcome to Wild Duck Mail Server',
 
-    disabledCommands: ['AUTH'],
+    disabledCommands: ['AUTH'].concat(config.lmtp.disableSTARTTLS ? 'STARTTLS' : []),
 
     onMailFrom(address, session, callback) {
         // reset session entries