On Wed, Jan 11, 2012 at 10:06:51PM +0100, Stephan Bosch wrote:
On 1/11/2012 8:01 PM, Nicolas KOWALSKI wrote:
I would like to use IMAPs, instead of IMAP+STARTTLS, from proxy to backend, and have Managesieve still working. Is this supported?
Although there is no such thing as a standard sieveS protocol, you can make Dovecot v2.x talk SSL from the start at a ManageSieve socket. Since normally people will not use something like this, it is not available by default.
In conf.d/20-managesieve.conf you can adjust the service definition of ManageSieve as follows:
service managesieve-login { inet_listener sieve { port = 4190 }
inet_listener sieves { port = 5190 ssl = yes } }
This works well, when using (as Timo wrote) a different ldap pass_attrs for sieve, specifying this specific 5190 port. Thanks for your suggestion.
This starts the normal protocol on port 4190 and the direct-SSL version on an alternative port. You can also put the ssl=yes directly in the port 4190 listener, as long as no client will have to connect to this server directly (no client will support it).
Well, as this is non-standard, I guess I will not use it. I much prefer to stick with what has been RFCed.
-- Nicolas