[Dovecot] proxy, managesieve and ssl?
Stephan Bosch
stephan at rename-it.nl
Wed Jan 11 23:06:51 EET 2012
On 1/11/2012 8:01 PM, Nicolas KOWALSKI wrote:
> Hello,
>
> On a dovecot 2.0.14 proxy, I found that proxying managesieve works well
> when using 'starttls' option in pass_attrs, but does not work when using
> 'ssl' option. The backend server is also dovecot 2.0.14; when using the
> ssl option, it reports "no auth attempts" in the logs about
> managesieve-login, and meanwhile the MUA, Thunderbird with sieve plugin,
> reports [TRYLATER] account is temporary disabled; no problem when using
> starttls option on the proxy, all works well.
>
> I would like to use IMAPs, instead of IMAP+STARTTLS, from proxy to
> backend, and have Managesieve still working. Is this supported?
Although there is no such thing as a standard sieveS protocol, you can
make Dovecot v2.x talk SSL from the start at a ManageSieve socket. Since
normally people will not use something like this, it is not available by
default.
In conf.d/20-managesieve.conf you can adjust the service definition of
ManageSieve as follows:
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieves {
port = 5190
ssl = yes
}
}
This starts the normal protocol on port 4190 and the direct-SSL version
on an alternative port. You can also put the ssl=yes directly in the
port 4190 listener, as long as no client will have to connect to this
server directly (no client will support it).
Regards,
Stephan.
More information about the dovecot
mailing list