10 Feb
2020
10 Feb
'20
9:59 p.m.
Hello Aki, On 10.02.20 20:34, Aki Tuomi wrote:
- configure HAproxy to use PROXYv1 or PROXYv2 to protocol to pass connections details to dovecot. With recent enough dovecot, you can include TLS information with haproxy to dovecot.
- configure login_trusted_networks and haproxy_trusted_networks
- set 'haproxy=yes' to the listener you are connecting with haproxy, so dovecot knows to expect and parse the proxy protocol.
that part is working fine. Whether it's a proxied or non-proxied config can be ignored here.
The essential question broken down to a minimum is, is there any way to
- configure a dovecot service with plain unencrypted authentication (like imap-login for example) that also _does_not_ advertise starttls
and at the same time
- configure another dovecot service (like managesieve for example) that _does_ advertise starttls?
Thanks Björn