[Dovecot] Different settings for SSL/non-SSL protocols

Алексей Прокопчук alexpro at homelan.lg.ua
Tue Dec 3 17:29:04 EET 2013

Good time of the day!

It is possible to setup dovecot with different requirements for SSL and
non-SSL protocols?
What would I like to do:

pop3/imap non-SSL = allowed plain text authentication.
pop3/imap with SSL = allowed plain text authentication with required
valid SSL certificates.

I need to allow access from any IP address for first group of users,
which have valid SSL certificates. And allow access from only local IP
addresses for second group of users which doesn't have SSL certificates
at all.

I tried to setup dovecot for such task. SSL and non-SSL pop3/imap works
together fine, but without require valid SSL certificates. If I set
auth_ssl_require_client_cert = yes, non-SSL pop3/imap refuses
authentication without valid SSL certificate. I tried to use different
sections for protocol pop3 {} and protocol pop3s {} (and imap/imaps) but
this seems doesn't work. Is there any way to solve this?

Thanks for attention, with best regards, Alexey Prokopchuk (AP8686-RIPE)

More information about the dovecot mailing list