[Dovecot] Encrypted IMAP only from Internet,
unencrypted POP3 from internal network
Rainer Frey
rfy at inxmail.de
Mon May 8 10:51:22 EEST 2006
Hi,
we have following situation: I migrated our company mailserver from POP3
only to dovecot with IMAP and POP. We need to have unencrypted POP3
from our internal network, and the subnet our mailserver is in.
Additionally, we now want to allow encrypted IMAP from the internet (for
some defined accounts), preferably with TLS (which means I open Port
143 in our firewall).
Now, how can I achieve that they can't use unencrypted plaintext
authentication from Internet, while I allow unencrypted POP3 from the
mailserver and private network? (I can require using encryption for
IMAP from our internal net, but I must have unencrypted POP3 as we use
software that retrieves mail via POP3 that doesn't support encryption).
My idea was:
- use disable_plaintext_auth for IMAP only
- use disable_plaintext_auth for internet, but not our networks
- allow connection from the internet only for certain accounts, and
limit them to use encryption
Internet access for POP3 is not necessary.
Is any of this possible with dovecot? Or another way to achieve my goal?
Non-plaintext authentication is not possible, as we use linux system
accounts with shadow passwords.
TIA
Rainer Frey
--
Software Development
------------------------------------------------------
Inxmail GmbH
More information about the dovecot
mailing list