[Dovecot] SSL only for external connections
Michael M Slusarz
slusarz at curecanti.org
Fri Sep 30 21:17:18 EEST 2011
Quoting Simon Brereton <simon.brereton at buongiorno.com>:
>> -----Original Message-----
>> From: dovecot-bounces at dovecot.org [mailto:dovecot-
>> bounces at dovecot.org] On Behalf Of Stan Hoeppner
>> On 9/30/2011 12:34 PM, Simon Brereton wrote:
>> >> -----Original Message-----
>> >> From: dovecot-bounces at dovecot.org [mailto:dovecot-
>> >> bounces at dovecot.org] On Behalf Of Terry Carmen
>> >
>> >>
>> >> If SSL/TLS works from the outside, but not the inside, you should
>> >> probably find out why and fix that instead.
>> >
>> > You'd think so - but since I don't actually need TLS from the
>> inside,
>> > and given my skill level - disabling it seems easier :)
>>
>> You don't need TLS/SSL from the outside either, if this is strictly a
>> webmail box. In this case, configure Apache/lighttpd+Horde to only
>> accept HTTPS connections from the outside, and configure Horde to
>> connect via the Dovecot localhost:143 listener. This is how I've
>> been doing it with Roundcube for years. Works like a champ.
>
> It's not strictly a webmail box though. IMAP clients (fixed and
> mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and
> POP3S on the outside and IMAP only on the local host (there's no
> actual reason to offer POP to the localhost either...
You can also configure the MUA (e.g. Horde) to not use a secure
connection, as opposed to turning off features on the server level.
michael
More information about the dovecot
mailing list