[Dovecot] IMAP SSL proxy (questions)
Reindl Harald
h.reindl at thelounge.net
Wed May 8 19:57:23 EEST 2013
Am 08.05.2013 18:04, schrieb Trever L. Adams:
> Is this possible? Can this be implemented in dovecot? If not, does
> anyone know of such a project. Proxy needs to not have any exploitable
> holes and really only needs to understand enough SSL to get the
> server_name, pass through the connection, replaying Client Hello, and
> then knowing when to shut the connection
it is a broken idea
IMAP/PO3/SMTP is not a website with different contents
you need ONE certificate and ONE server-name and you are done
in case of dovecot as proxy you do not need SSL at all
on the backend sevrers if they are not accessed via WAN
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130508/a5cdd7da/attachment.bin>
More information about the dovecot
mailing list