[Dovecot] Different SSL requirements for connections on different ports?

Timo Sirainen tss at iki.fi
Tue May 29 20:34:46 EEST 2012


On 29.5.2012, at 20.17, Ron Leach wrote:

> On 29/05/2012 16:55, Timo Sirainen wrote:
>> On Tue, 2012-05-29 at 15:09 +0100, William Gallafent wrote:
> 
>>> I would now like to add a webmail front-end (squirrelmail) running on
>>> the same server. In order to achieve this I would like to have
>>> squirrelmail connecting locally using IMAP, but without the
>>> certificate requirement.
> 
>>> Do I need to run two separate dovecot instances in order to achieve
>>> this, or can I somehow configure different SSL requirements for the
>>> two ports?
> 
>> for now you'd need to run two Dovecot instances.
>> 
> 
> [Keen to do the same thing.]  I guess those two Dovecot instances could run either on (a) the same machine, or (b) different machines - though using a network-visible mail storage location.

Yes.

> Does this dual-Dovecot solution become problematic if the mail storage location is NFS?  I'm aware of the cautions regarding NFS access from two different machines (case (b), here).  

Yes, NFS will cause trouble in that kind of a setup.

> If these two Dovecot instances were on the same machine (case (a)) but which nevertheless used an NFS mail storage location, would we then also hit the NFS dual-access problem from this single machine running the two instances?

If there is a single NFS mountpoint used by both Dovecots, there won't be a problem since there is only one kernel accessing and caching it. (I'm not entirely sure if there's a problem with more than one mountpoint, might be.) Dovecot itself doesn't internally have a problem with multiple Dovecot instances accessing the same files, regardless of where they are stored.


More information about the dovecot mailing list