WJCarpenter wrote:
The wiki http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy page says this: "The connections created to the destination server can't be TLS/SSL encrypted.".
Hrmm. Right now, with perdition, I'm forcing the use of STARTTLS on the internal connections. I'd just as soon get rid of perdition (to have one less moving part in my architecture), but I need the secure connections.
Is there a way to configure dovecot's internal proxy connections to use STARTTLS or some other SSL/TLS level of security? (Without a bunch more research, I don't know what the interaction is between the real client, the dovecot proxy, and the destination server.)
Just create encrypted tunnel between the peers and send your traffic through it. IPSec, ssh etc..