[Dovecot] Dovecot proxy

Alex Ferrara alex at receptiveit.com.au
Mon May 5 05:57:30 UTC 2014


Hi everyone,

I have a problem that hopefully has an easy solution.

I am setting up an IMAP proxy in a DMZ network. It will connect to the real IMAP server and authenticate using "driver = imap", and this I have working really nicely. 

What I want to do is have it look up a list of users that are allowed to connect through the proxy before proxying the connection, as not all users with an account are permitted to access their email from the internet. I thought that using a post-login script would get me out of trouble, but it isn't possible in a relay configuration.



dovecot.conf

## Dovecot configuration file

mail_uid = dovecot
mail_gid = dovecot

protocols = imap

listen = *, ::

passdb {
  driver = imap
  # IMAP server to authenticate against
  args = host=192.168.1.1
  # IMAP server to connect to for mailbox
  default_fields = proxy=yes host=192.168.1.1
}
userdb {
  driver = prefetch
}

auth_mechanisms = plain login

# This is the auth service used by Postfix to do dovecot auth.
service auth {
  unix_listener auth-userdb {
  }
  inet_listener {
    port = 12345
  }
}

##
## SSL settings
##

# These will need to ba adjusted to point to *your* certificates, not mine 8-)
# The ssl_ca line refers to the intermediate certificate bundle which may or may not be required by your SSL provider

ssl_cert = </etc/ssl/certs/mail.domain.com.au.pem
ssl_key = </etc/ssl/private/mail.domain.com.au.key
#ssl_ca = </etc/pki/tls/certs/ca.crt
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL


More information about the dovecot mailing list