Is there any way to make Dovecot 2.2.22 not require a client SSL certificate for a local IMAP connection, but require it for any remote IMAP connection?

My server is configured to require client certificates:

ssl = required ... auth_ssl_require_client_cert = yes

I tried adding the following to create an exception for localhost:

remote 127.0.0.1 { ssl = no auth_ssl_require_client_cert = no disable_plaintext_auth = no }

But Dovecot fails to start with: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 81: Auth settings not supported inside local/remote blocks:

Is there any other way to do this? I don't need to override any other auth settings, just that one. I could probably use a Unix socket, if that would help.

Thanks,

Evan