[Dovecot] Questions about Proxy/Director

Patrick Westenberg pw at wk-serv.de
Tue Nov 29 16:24:22 EET 2011 

Hi again,

I have a working test environment not but I don't feel very comfortable 
with a non encrypted connection between the proxy/director and the 
backend servers.

If I set ssl = required on my backend server I get this error:
imap-login: Disconnected (tried to use disabled plaintext auth)

Is there a chance to encrypt this connection?



# 2.0.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.3
auth_debug = yes
auth_verbose = yes
director_mail_servers = 172.17.0.31
director_servers = 172.17.213.213
disable_plaintext_auth = no
lmtp_proxy = yes
mail_debug = yes
passdb {
   args = proxy=y nopassword=y
   driver = static
}
service auth {
   unix_listener auth-userdb {
     mode = 0600
     user = dovecot
   }
}
service director {
   fifo_listener login/proxy-notify {
     mode = 0666
   }
   inet_listener {
     port = 5515
   }
   unix_listener director-userdb {
     mode = 0600
   }
   unix_listener login/director {
     mode = 0666
   }
}
service imap-login {
   executable = imap-login director
}
ssl = required
ssl_cert = </etc/ssl/certs/***.crt
ssl_key = </etc/ssl/certs/***.key

and the backend

# 2.0.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.3
disable_plaintext_auth = no
listen = 172.17.0.31
mail_gid = vmail
mail_home = /var/mail/%d/%n
mail_location = mdbox:~/mdbox
mail_plugins = quota
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
namespace {
   inbox = yes
   location =
   prefix = INBOX.
   separator = .
   type = private
}
passdb {
   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
plugin {
   autocreate = INBOX.Sent
   autocreate2 = INBOX.Trash
   autocreate3 = INBOX.Drafts
   autocreate4 = INBOX.Spamverdacht
   autosubscribe = INBOX.Sent
   autosubscribe2 = INBOX.Trash
   autosubscribe3 = INBOX.Drafts
   autosubscribe4 = INBOX.Spamverdacht
   quota = dict:User quota::file:%h/mdbox/dovecot-quota
   quota_rule2 = INBOX.Trash:storage=+100M
   quota_warning = storage=90%% quota-warning 90 %u
   quota_warning2 = storage=75%% quota-warning 75 %u
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
   sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
}
protocols = imap sieve
service imap-login {
   service_count = 1
}
service managesieve-login {
   inet_listener sieve {
     port = 4190
   }
   inet_listener sieve_deprecated {
     port = 2000
   }
   service_count = 1
}
ssl = required
ssl_cert = </etc/ssl/certs/imap.wk-serv.de.crt
ssl_key = </etc/ssl/certs/imap.wk-serv.de.key
userdb {
   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
protocol imap {
   mail_plugins = quota imap_quota autocreate
}

More information about the dovecot mailing list