[Dovecot] IMAP proxying for ALL users to internal mail server

Timo Sirainen tss at iki.fi
Fri Oct 2 15:52:21 EEST 2009


On Oct 2, 2009, at 8:47 AM, Vitaliy Vladimirovich wrote:

> That still doesn't answer my question. It doesn't sound like you need
> IMAP proxying. It sounds like you just need TCP connection forwarding.
>
>           Your true. TCP connection forwarding I can do fith PF, but  
> I think IMAP proxying more secure.

The only thing that could make it more secure is if you trust that  
Dovecot is more secure before login than Exchange is. Could be true of  
course. :)

So if you really want Dovecot to be there, you need to use either SQL  
(e.g. SQLite) or checkpassword passdb. Others can't just accept all  
users without explicitly listing all of them. With SQL you could do  
something like:

password_query = select '%u' as user, 'y' as nopasword, 'y' as proxy,  
'1.2.3.4' as host



More information about the dovecot mailing list