From a989d77a872fd03f0d8a28c0586988e5747a9179 Mon Sep 17 00:00:00 2001 From: Andrey Likhodievskiy Date: Sun, 2 Dec 2018 14:59:16 +0300 Subject: [PATCH] Disable ssl when no certificate is set (Closes: #1083, #1085) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Modified start-mailserver.sh with two new options for SSL certificate Configuration (): + ‘’ (empty string) modifies dovecot configs to allow plain text access + * (default) does nothing but warn with message ‘SSL configured by default’ * Updated README.md: SSL_TYPE environment variable with unknown value will set SSL by default --- README.md | 3 ++- target/start-mailserver.sh | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index bd5ed88b..5c2fb7af 100644 --- a/README.md +++ b/README.md @@ -256,8 +256,9 @@ Otherwise, `iptables` won't be able to ban IPs. - **empty** => SSL disabled - letsencrypt => Enables Let's Encrypt certificates - custom => Enables custom certificates - - manual => Let's you manually specify locations of your SSL certificates for non-standard cases + - manual => Let you manually specify locations of your SSL certificates for non-standard cases - self-signed => Enables self-signed certificates + - _any other value_ => SSL required, settings by default Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/Configure-SSL) for more information. diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index 3af2805a..73c4e58e 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh 
@@ -953,6 +953,20 @@ function _setup_ssl() { notify 'inf' "SSL configured with 'self-signed' certificates" fi ;; + '' ) + # $SSL_TYPE=empty, no SSL certificate, plain text access + + # Dovecot configuration + sed -i -e 's~#disable_plaintext_auth = yes~disable_plaintext_auth = no~g' /etc/dovecot/conf.d/10-auth.conf + sed -i -e 's~ssl = required~ssl = yes~g' /etc/dovecot/conf.d/10-ssl.conf + + notify 'inf' "SSL configured with plain text access" + ;; + * ) + # Unknown option, default behavior, no action is required + + notify 'warn' "SSL configured by default" + ;; esac }
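Review bot: In the README.md hunk, the reworded `manual` entry now reads "Let you manually specify", which is still ungrammatical; it should be "Lets you manually specify". The added `_any other value_ => SSL required, settings by default` entry does not say which certificate or settings "by default" refers to, so a reader cannot tell what a mistyped SSL_TYPE ends up with. The unchanged context line `**empty** => SSL disabled` also no longer matches the start-mailserver.sh change in this same patch, where the empty case rewrites `ssl = required` to `ssl = yes` and allows plaintext authentication; the README should describe that case as TLS optional with plaintext auth permitted.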
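Review bot: In the `'' )` branch of `_setup_ssl()` in target/start-mailserver.sh, `disable_plaintext_auth = no` combined with `ssl = yes` lets clients send credentials over unencrypted connections, yet this branch logs at 'inf' while the no-op `* )` fallback logs at 'warn'; the plaintext branch is the one that should warn, and its message should state that plaintext authentication is now allowed. The first sed only matches the commented-out form `#disable_plaintext_auth = yes`, so if 10-auth.conf carries the setting uncommented or was already edited, the substitution silently does nothing and the notify still reports success; matching an optional leading `#`, or checking the file afterwards, would close that gap. The commit subject says "Disable ssl" but the replacement written is `ssl = yes`, not `ssl = no`; if optional TLS is the intent, the in-code comment should say so. In the `* )` branch, including the value of $SSL_TYPE in the warning would make a misspelled type visible in the logs instead of the generic "SSL configured by default".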