controlling STARTTLS by IP address
Aki Tuomi
aki.tuomi at dovecot.fi
Thu Jul 14 21:53:58 UTC 2016
On 15.07.2016 00:52, Michael Fox wrote:
>> You could try
>>
>> remote x.x.x.x/y {
>> ssl = no
>> }
>>
>> Aki
> Wow. OK. But I can find no documentation on how to use that.
>
> Would it be used inside service pop3-login, or at the top level?
>
> And, does it apply the first match found? For example:
>
> # Disable SSL for radio clients
> remote 192.168.1.0/24 {
> ssl = no
> }
> # Allow SSL for internal clients
> remote 192.168.0.0/16 {
> ssl = yes
> }
> # Require SSL for all others
> remote 0.0.0.0/0 {
> ssl = required
> }
>
> Thanks,
> Michael
You can leave the last bit off. Not sure about the ordering, but you'll
find out by testing? =)
Aki
More information about the dovecot
mailing list