On 1/11/2012 8:01 PM, Nicolas KOWALSKI wrote:
Hello,
On a dovecot 2.0.14 proxy, I found that proxying managesieve works well when using 'starttls' option in pass_attrs, but does not work when using 'ssl' option. The backend server is also dovecot 2.0.14; when using the ssl option, it reports "no auth attempts" in the logs about managesieve-login, and meanwhile the MUA, Thunderbird with sieve plugin, reports [TRYLATER] account is temporary disabled; no problem when using starttls option on the proxy, all works well.
I would like to use IMAPs, instead of IMAP+STARTTLS, from proxy to backend, and have Managesieve still working. Is this supported?
Although there is no such thing as a standard sieveS protocol, you can make Dovecot v2.x talk SSL from the start at a ManageSieve socket. Since normally people will not use something like this, it is not available by default.
In conf.d/20-managesieve.conf you can adjust the service definition of ManageSieve as follows:
service managesieve-login { inet_listener sieve { port = 4190 }
inet_listener sieves { port = 5190 ssl = yes } }
This starts the normal protocol on port 4190 and the direct-SSL version on an alternative port. You can also put the ssl=yes directly in the port 4190 listener, as long as no client will have to connect to this server directly (no client will support it).
Regards,
Stephan.