[Dovecot] Selective TLS per local IP
Timo Sirainen
tss at iki.fi
Tue Jul 17 13:59:48 EEST 2012
On 17.7.2012, at 1.35, Robert Blayzor wrote:
> So is there any way possible to turn off advertising of TLS on port or turn it off/on per IP?
>
> Something like:
If those work, then yes. If they don't, then no. I'd think they would work.
> ssl = yes
> ssl_cert = </etc/ssl/cert/default.pem
> ssl_key = </etc/ssl/cert/default.pem
>
> local 10.1.1.1 {
> protocol imap {
> ssl_cert = </etc/ssl/cert/site1.pem
> ssl_key = </etc/ssl/cert/site1.pem
> }
> protocol pop3 {
> ssl_cert = </etc/ssl/cert/site1.pem
> ssl_key = </etc/ssl/cert/site1.pem
> }
> }
>
> local 10.1.1.2 {
> ssl = no
> }
>
>
>
> *or*
>
> ssl = no
>
> local 10.1.1.1 {
> ssl = yes
> protocol imap {
> ssl_cert = </etc/ssl/cert/site1.pem
> ssl_key = </etc/ssl/cert/site1.pem
> }
> protocol pop3 {
> ssl_cert = </etc/ssl/cert/site1.pem
> ssl_key = </etc/ssl/cert/site1.pem
> }
> }
>
>
> --
> Robert Blayzor
> INOC, LLC
> rblayzor at inoc.net
> http://www.inoc.net/~rblayzor/
>
>
>
More information about the dovecot
mailing list