On 04/09/2022 07:22, spi wrote:
04.09.2022 01:01:16 Bartosz Kwitniewski <zerg-dovecot@uid0.pl>:
For now they are on the same machine, we have to write our own panel for clients to get more freedom in backend choices. I was looking into HAProxy for SSL termination, but it does not support STARTTLS.
I'll try to look for workaround next week, but haven't used C for ages.
Best regards,
Bartosz Kwitniewski
Nginx can be used as reverse proxy for dovecot to terminate tls and load balance. It can also be used to verify client certificates (access only with valid client certificate and route access to backend based on client certificate).
Cheers, spi
It seems that Nginx can actually support SMTP/IMAP/POP3 STARTTLS and PROXY protocol to backend. I have missed that, thank You.
Best regards,
Bartosz Kwitniewski