Dovecot is installed but actually I just use auth module (for postfix authentication).

In your dovecot.conf example, I don't see the "proxy" command ?

Could you give me a few more details on the "proxy" command usage (ExtraFields/Proxy is not clear for me)?

Regards

-----Message d'origine----- From: David Jonas Sent: Thursday, May 03, 2012 8:04 PM To: Gilles Albusac Subject: Re: [Dovecot] Dovecot for POP3S proxying

On Thu May 3 05:14:40 2012, Gilles Albusac wrote:

Dovecot is already installed in my architecture and I just would like to know how to configure Dovecot for POP3S proxying with authentication.

For security reasons I prefer to install as little as possible binary (see vulnerability 2011 - remote exploit - STUNNEL).

If you already have dovecot running in proxy mode it's easy to add pop3s. If not, see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

See http://wiki2.dovecot.org/Services search the page for pop3s. A simple example:

ssl = yes ssl_cert = </etc/dovecot/dovecot.pem ssl_key = </etc/dovecot/dovecot.pem

service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } }

Of course there is a lot more SSL tuning that can be done: http://wiki2.dovecot.org/SSL/DovecotConfiguration

-----Message d'origine----- From: David Jonas Sent: Wednesday, May 02, 2012 10:29 PM To: Gilles Albusac Cc: dovecot@dovecot.org Subject: Re: [Dovecot] Dovecot for POP3S proxying

On Wed May 2 06:41:00 2012, Gilles Albusac wrote:

...

I would like to configure Dovecot for POP3S proxying all users from the Internet to the internal Exchange Mail Server.

Unless I'm missing something with your request, you don't need dovecot. Any ssl proxy can do that for you, such as stunnel (http://www.stunnel.org/). We use the hardware ssl termination on our load balancers for pop3s, imaps, and smtps.