As we’ve noted over the last two months, we’ve been planning to enforce SSL/TLS security on all IMAP/POP/SMTP connections. All users that needed to change their settings have been notified multiple times. Additionally, over the last few weeks, we’ve also notified all LDAP users that need to change their settings to enable SSL/TLS as well.
We’ve now done this and have completely disabled all non-SSL IMAP/POP/SMTP/LDAP ports. This means you can no longer access any services on the ports 110, 143, 25 or 389.
Over the next few months we’ll also be looking at enforcing SSL/TLS encryption our remaining services such as XMPP and DAV. We’ll post more as we work out our approach to enforcing SSL/TLS for these services.