[Dovecot] Different SSL requirements for connections on different ports?

[William Gallafent]

Hi All,

I'm running dovecot 2.0.19.

I currently have remote users access mail using IMAP over SSL, with
their client certificates being both required and verified. I do this
using "ssl = required" and "ssl_verify_client_cert = yes".

I would now like to add a webmail front-end (squirrelmail) running on
the same server. In order to achieve this I would like to have
squirrelmail connecting locally using IMAP, but without the
certificate requirement. I'm happy to use the standard IMAP port for
this, since that port is firewalled so that only localhost has access.

Do I need to run two separate dovecot instances in order to achieve
this, or can I somehow configure different SSL requirements for the
two ports? Is there a way to have the ssl directives I mention above
active only for a certain port (or for certain hosts, i.e. non-local?)

I've been looking around in the documentation, but I haven't yet
worked out how to do this other than by having two separate dovecot
instances running, with the different auth configurations. Is that the
best approach, or can I get it working with only once instance?

Thanks for any help!

-- 
Bill Gallafent.