vandewater Should POP3 be allowing unencrypted auth over TCP/110 without forcing StartTLS if its enabled in the config? See below: localhost:~ # grommunio-admin user show 3 user@domain.com (3): ID: 3 username: user@domain.com domainID: 2 homeserver: (local) lang: (not set) maildir: /var/lib/gromox/user/1/1 privilegeBits: 7 (pop_imap,smtp,passwd) addressStatus: 0 (active|active) ldapID: (none) chat: (none) aliases: (none) roles: (none) fetchmail: (none) properties: displaytypeex: 0 creationtime: 2023-03-02 20:52:00 localhost:~ # telnet 127.0.0.1 110 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. +OK localhost pop service ready USER user@domain.com +OK PASS pass123 +OK CAPA +OK capability list follows STLS TOP USER PIPELINING UIDL TOP . LIST +OK . STAT +OK 0 0 QUIT +OK quit localhost Connection closed by foreign host. localhost:~ # cat /etc/gromox/pop3.cfg pop3_support_stls=true pop3_force_stls=true listen_ssl_port=995 pop3_certificate_path=/etc/grommunio-common/ssl/server-bundle.pem pop3_private_key_path=/etc/grommunio-common/ssl/server.key default_domain=localhost.localdomain
crpb cat << EOF | sed 's/_stls/_tls/g' pop3_support_stls=true pop3_force_stls=true EOF man pop3 |grep _tls https://docs.grommunio.com/man/pop3.8gx.html#configuration-directives
vandewater Welp, that was it. Thanks. I saw this and thought pop3_support_stls would have worked as well: {"pop3_support_stls", "pop3_support_tls", CFG_ALIAS}, {"pop3_support_tls", "false", CFG_BOOL},