starttls for some services only

Bjoern Jacke lists2020 at j3e.de
Mon Feb 10 21:59:30 EET 2020


Hello Aki,
On 10.02.20 20:34, Aki Tuomi wrote:
>  - configure HAproxy to use PROXYv1 or PROXYv2 to protocol to pass connections details to dovecot. With recent enough dovecot, you can include TLS information with haproxy to dovecot.
>  - configure login_trusted_networks and haproxy_trusted_networks
>  - set 'haproxy=yes' to the listener you are connecting with haproxy, so dovecot knows to expect and parse the proxy protocol.

that part is working fine. Whether it's a proxied or non-proxied config
can be ignored here.

The essential question broken down to a minimum is, is there any way to

1) configure a dovecot service with plain unencrypted authentication
(like imap-login for example) that also _does_not_ advertise starttls

and at the same time

2) configure another dovecot service (like managesieve for example) that
_does_ advertise starttls?

Thanks
Björn


More information about the dovecot mailing list