diff -Nur mailfront-0.96/Makefile mailfront-0.96-tls/Makefile
--- mailfront-0.96/Makefile	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/Makefile	Sat Aug 27 12:42:53 2005
@@ -40,10 +40,10 @@
 echo-backend.o: compile echo-backend.c mailfront.h responses.h constants.h
 	./compile echo-backend.c
 
-imapfront-auth: load imapfront-auth.o timeout.o socket.lib
-	./load imapfront-auth timeout.o -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
+imapfront-auth: load imapfront-auth.o  ucspitls.o timeout.o socket.lib
+	./load imapfront-auth ucspitls.o timeout.o -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
 
-imapfront-auth.o: compile imapfront-auth.c
+imapfront-auth.o: compile imapfront-auth.c ucspitls.h
 	./compile imapfront-auth.c
 
 install: BIN conf-bin
@@ -90,10 +90,10 @@
 pop3.a: makelib iobytes.o timeout.o pop3-mainloop.o pop3-response.o
 	./makelib pop3.a iobytes.o timeout.o pop3-mainloop.o pop3-response.o
 
-pop3front-auth: load pop3front-auth.o pop3.a socket.lib
-	./load pop3front-auth pop3.a -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
+pop3front-auth: load pop3front-auth.o ucspitls.o pop3.a socket.lib
+	./load pop3front-auth ucspitls.o pop3.a -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
 
-pop3front-auth.o: compile pop3front-auth.c pop3.h constants.h
+pop3front-auth.o: compile pop3front-auth.c pop3.h ucspitls.h constants.h
 	./compile pop3front-auth.c
 
 pop3front-maildir: load pop3front-maildir.o pop3.a
@@ -158,7 +158,10 @@
 sasl-stub.o: compile sasl-stub.c
 	./compile sasl-stub.c
 
-smtp-commands.o: compile smtp-commands.c mailfront.h responses.h constants.h mailrules.h smtp.h responses.h
+ucspitls.o: compile ucspitls.c
+	./compile ucspitls.c
+
+smtp-commands.o: compile smtp-commands.c mailfront.h responses.h constants.h mailrules.h smtp.h responses.h ucspitls.h
 	./compile smtp-commands.c
 
 smtp-mainloop.o: compile smtp-mainloop.c mailfront.h responses.h constants.h mailrules.h smtp.h responses.h
@@ -167,16 +170,16 @@
 smtp-respond.o: compile smtp-respond.c mailfront.h responses.h constants.h smtp.h responses.h
 	./compile smtp-respond.c
 
-smtp.a: makelib iobytes.o mailrules.o patterns.o responses.o std-handle.o timeout.o smtp-commands.o smtp-mainloop.o smtp-respond.o
-	./makelib smtp.a iobytes.o mailrules.o patterns.o responses.o std-handle.o timeout.o smtp-commands.o smtp-mainloop.o smtp-respond.o
+smtp.a: makelib iobytes.o mailrules.o patterns.o responses.o std-handle.o timeout.o smtp-commands.o smtp-mainloop.o smtp-respond.o ucspitls.o
+	./makelib smtp.a iobytes.o mailrules.o patterns.o responses.o std-handle.o timeout.o smtp-commands.o smtp-mainloop.o smtp-respond.o ucspitls.o
 
-smtpfront-echo: load smtpfront-echo.o smtp.a echo-backend.o socket.lib
+smtpfront-echo: load smtpfront-echo.o smtp.a echo-backend.o ucspitls.o socket.lib
 	./load smtpfront-echo smtp.a echo-backend.o -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
 
 smtpfront-echo.o: compile smtpfront-echo.c mailfront.h responses.h constants.h smtp.h responses.h
 	./compile smtpfront-echo.c
 
-smtpfront-qmail: load smtpfront-qmail.o smtp.a qmail.a cvm-validate.o socket.lib
+smtpfront-qmail: load smtpfront-qmail.o smtp.a qmail.a cvm-validate.o ucspitls.o socket.lib
 	./load smtpfront-qmail smtp.a qmail.a cvm-validate.o -lcvm-sasl -lcvm-v2client -lbg `cat socket.lib`
 
 smtpfront-qmail.o: compile smtpfront-qmail.c mailfront.h responses.h constants.h smtp.h responses.h
diff -Nur mailfront-0.96/TARGETS mailfront-0.96-tls/TARGETS
--- mailfront-0.96/TARGETS	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/TARGETS	Sat Aug 27 12:44:23 2005
@@ -56,3 +56,4 @@
 socket.lib
 std-handle.o
 timeout.o
+ucspitls.o
diff -Nur mailfront-0.96/imapfront-auth.c mailfront-0.96-tls/imapfront-auth.c
--- mailfront-0.96/imapfront-auth.c	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/imapfront-auth.c	Sat Aug 27 00:44:02 2005
@@ -31,6 +31,7 @@
 #include <cvm/v2client.h>
 #include <iobuf/iobuf.h>
 #include <str/str.h>
+#include "ucspitls.h"
 
 const char program[] = "imapfront-auth";
 const int msg_show_pid = 1;
@@ -56,6 +57,9 @@
 
 static struct sasl_auth saslauth = { .prefix = "+ " };
 
+static int tls_available = 0;
+static int auth_available = 1;
+
 void log_start(const char* tagstr)
 {
   obuf_puts(&errbuf, program);
@@ -227,6 +231,10 @@
 {
   respond_start(NOTAG);
   respond_str("CAPABILITY IMAP4rev1 ");
+  if (tls_available)
+    respond_str("STARTTLS ");
+  if (!auth_available)
+    respond_str("LOGINDISABLED ");
   respond_str(capability);
   respond_end();
   respond(0, "OK CAPABILITY completed");
@@ -252,7 +260,10 @@
 void cmd_login(int argc, str* argv)
 {
   int cr;
-  if (argc != 2)
+  
+  if (!auth_available)
+    respond(0,"BAD LOGIN command disabled without SSL/TLS");
+  else if (argc != 2)
     respond(0, "BAD LOGIN command requires exactly two arguments");
   else {
     if ((cr = cvm_authenticate_password(cvm, argv[0].s, domain,
@@ -282,6 +293,22 @@
   respond_end();
 }
 
+void cmd_starttls(void)
+{
+  if (!tls_available) {
+    respond(0, "BAD STARTTLS not availale");
+    return;
+  }
+
+  respond(0,"OK starting TLS negotiation");
+  if (!ucspitls())
+    exit(1);
+
+  /* FIX - Reset state? */
+  tls_available = 0;
+  auth_available = 1;
+}
+
 struct command
 {
   const char* name;
@@ -295,6 +322,7 @@
   { "LOGOUT",      cmd_logout,     0 },
   { "LOGIN",       0, cmd_login },
   { "AUTHENTICATE", 0, cmd_authenticate },
+  { "STARTTLS"   , cmd_starttls,   0 },
   { 0, 0, 0 }
 };
 
@@ -353,6 +381,10 @@
 
 int main(int argc, char* argv[])
 {
+  if (getenv("UCSPITLS"))
+    tls_available = 1;
+  if (getenv("AUTH_REQUIRES_TLS"))
+    auth_available = 0;
   set_timeout();
   if (!startup(argc, argv)) return 0;
   respond(NOTAG, "OK imapfront ready.");
diff -Nur mailfront-0.96/pop3front-auth.c mailfront-0.96-tls/pop3front-auth.c
--- mailfront-0.96/pop3front-auth.c	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/pop3front-auth.c	Sat Aug 27 00:48:14 2005
@@ -28,6 +28,7 @@
 #include <iobuf/iobuf.h>
 #include <str/str.h>
 #include <cvm/sasl.h>
+#include "ucspitls.h"
 #include "pop3.h"
 
 const char program[] = "pop3front-auth";
@@ -41,6 +42,9 @@
 
 static struct sasl_auth saslauth = { .prefix = "+ " };
 
+static int tls_available = 0;
+static int auth_available = 1;
+
 static void do_exec(void)
 {
   if (!cvm_setugid() || !cvm_setenv())
@@ -52,6 +56,34 @@
   _exit(1);
 }
 
+#define CAPA_START "+OK capability list follows\r\n"
+#define CAPA_STLS  "STLS\r\n"
+#define CAPA_END   "."
+static void cmd_capa(void)
+{
+  if (tls_available)
+    respond(CAPA_START CAPA_STLS CAPA_END);
+  else
+    respond(CAPA_START CAPA_END);
+}
+
+static void cmd_stls(void)
+{
+  if (!tls_available) {
+    respond("-ERR STLS not available");
+    return;
+  }
+
+  respond("+OK starting TLS negotiation");
+  if (!ucspitls())
+    exit(1);
+
+  tls_available = 0;
+  auth_available = 1;
+  /* reset state */
+  str_truncate(&user, 0);
+}
+
 static void cmd_auth(const str* s)
 {
   int i;
@@ -63,7 +95,9 @@
 
 static void cmd_user(const str* s)
 {
-  if (!str_copy(&user, s))
+  if (!auth_available)
+    respond("-ERR Authentication not allowed without SSL/TLS");
+  else if (!str_copy(&user, s))
     respond(err_internal);
   else
     respond(ok);
@@ -96,6 +130,8 @@
   { "PASS", 0,        cmd_pass, "PASS XXXXXXXX" },
   { "QUIT", cmd_quit, 0,        0 },
   { "USER", 0,        cmd_user, 0 },
+  { "CAPA", cmd_capa, 0,        0 },
+  { "STLS", cmd_stls ,0,        0 },
   { 0,      0,        0,        0 }
 };
 
@@ -107,6 +143,10 @@
     obuf_putsflush(&errbuf, usage);
     return 0;
   }
+  if (getenv("UCSPITLS"))
+    tls_available = 1;
+  if (getenv("AUTH_REQUIRES_TLS"))
+    auth_available = 0;
   cvm = argv[1];
   nextcmd = argv+2;
   if (!sasl_auth_init(&saslauth)) {
diff -Nur mailfront-0.96/smtp-commands.c mailfront-0.96-tls/smtp-commands.c
--- mailfront-0.96/smtp-commands.c	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/smtp-commands.c	Sat Aug 27 00:48:13 2005
@@ -4,6 +4,7 @@
 
 #include "mailfront.h"
 #include "mailrules.h"
+#include "ucspitls.h"
 #include "smtp.h"
 #include <cvm/sasl.h>
 
@@ -33,12 +34,15 @@
 static RESPONSE(auth_already, 503, "You are already authenticated.");
 static RESPONSE(toobig, 552, "The message would exceed the maximum message size.");
 static RESPONSE(toomanyunimp, 503, "Too many unimplemented commands.\nClosing connection.");
+static RESPONSE(auth_notallowed, 500, "Authentication not allowed right now (try using SSL/TLS)");
 
 static int saw_mail = 0;
 static int saw_rcpt = 0;
 static const char* smtp_mode = "SMTP";
 
 unsigned long maxnotimpl = 0;
+int tls_available = 0;
+int auth_available = 1;
 
 static int parse_addr_arg(void)
 {
@@ -128,11 +132,15 @@
   str_copy(&helo_domain, &arg);
   if (!respond(250, 0, domain_name.s)) return 0;
 
-  switch (sasl_auth_caps(&auth_resp)) {
-  case 0: break;
-  case 1: if (!respond(250, 0, auth_resp.s)) return 0; break;
-  default: return respond_resp(&resp_internal, 1);
+  if (auth_available) {
+    switch (sasl_auth_caps(&auth_resp)) {
+      case 0: break;
+      case 1: if (!respond(250, 0, auth_resp.s)) return 0; break;
+      default: return respond_resp(&resp_internal, 1);
+    }
   }
+  if (tls_available)
+    if (!respond(250,0,"STARTTLS")) return 0;
   str_copys(&auth_resp, "SIZE ");
   str_catu(&auth_resp, maxdatabytes);
   if (!respond(250, 0, auth_resp.s)) return 0;
@@ -277,6 +285,7 @@
 static int AUTH(void)
 {
   int i;
+  if (!auth_available) return respond_resp(&resp_auth_notallowed, 1);
   if (authenticated) return respond_resp(&resp_auth_already, 1);
   if (arg.len == 0) return respond_resp(&resp_needsparam, 1);
   if ((i = sasl_auth1(&saslauth, &arg)) != 0) {
@@ -291,6 +300,25 @@
   return 1;
 }
 
+static int STARTTLS(void)
+{
+  if (!tls_available)
+    return respond_resp(&resp_unimp, 1);
+
+  if (!respond(220,1,"2.0.0 Ready to start TLS"))
+    return 0;
+  
+  if (!ucspitls())
+    return 0;
+
+  tls_available = 0;
+  auth_available = 1;
+  saw_rcpt = 0;
+  saw_mail = 0;
+
+  return 1;
+}
+
 typedef int (*dispatch_fn)(void);
 struct dispatch 
 {
@@ -309,6 +337,7 @@
   { "RSET", RSET },
   { "VRFY", VRFY },
   { "AUTH", AUTH },
+  { "STARTTLS", STARTTLS},
   { 0, 0 }
 };
 
diff -Nur mailfront-0.96/smtp-mainloop.c mailfront-0.96-tls/smtp-mainloop.c
--- mailfront-0.96/smtp-mainloop.c	Tue Jul 12 01:54:01 2005
+++ mailfront-0.96-tls/smtp-mainloop.c	Sat Aug 27 00:44:02 2005
@@ -16,6 +16,8 @@
 struct sasl_auth saslauth = { .prefix = "334 " };
 
 extern unsigned long maxnotimpl;
+extern int tls_available;
+extern int auth_available;
 
 int smtp_mainloop(void)
 {
@@ -36,6 +38,11 @@
 
   if ((tmp = getenv("MAXNOTIMPL")) != 0)
     maxnotimpl = strtoul(tmp, 0, 10);
+  
+  if (getenv("UCSPITLS"))
+    tls_available = 1;
+  if (getenv("AUTH_REQUIRES_TLS"))
+    auth_available = 0;
 
   if ((resp = handle_init()) != 0) { respond_resp(resp, 1); return 1; }
 
diff -Nur mailfront-0.96/ucspitls.c mailfront-0.96-tls/ucspitls.c
--- mailfront-0.96/ucspitls.c	Wed Dec 31 19:00:00 1969
+++ mailfront-0.96-tls/ucspitls.c	Sat Aug 27 00:44:02 2005
@@ -0,0 +1,28 @@
+#include <unistd.h>
+#include <stdlib.h>
+
+int ucspitls(void)
+{
+  int fd;
+  char *fdstr;
+  
+  if (!(fdstr=getenv("SSLCTLFD")))
+    return 0;
+  fd = atoi(fdstr);
+  if (write(fd, "y", 1) < 1)
+    return 0;
+
+  if (!(fdstr=getenv("SSLREADFD")))
+    return 0;
+  fd = atoi(fdstr);
+  if (dup2(fd,0) == -1)
+    return 0;
+
+  if (!(fdstr=getenv("SSLWRITEFD")))
+    return 0;
+  fd = atoi(fdstr);
+  if (dup2(fd,1) == -1)
+    return 0;
+
+  return 1;
+}
diff -Nur mailfront-0.96/ucspitls.h mailfront-0.96-tls/ucspitls.h
--- mailfront-0.96/ucspitls.h	Wed Dec 31 19:00:00 1969
+++ mailfront-0.96-tls/ucspitls.h	Sat Aug 27 00:44:02 2005
@@ -0,0 +1 @@
+int ucspitls(void);