different TLS protocols on different ports

Joseph Tam jtam.home at gmail.com
Wed Nov 14 23:46:09 EET 2018

On Wed, 14 Nov 2018, Aki Tuomi wrote:

>> I'm providing IMAP+Starttls on port 143 for users with legacy MUA.  So
>> I've to enable TLS1.0 up to TLS1.3 For IMAPS / port 993 I like to
>> enable TLS1.2 and TLS1.3 only.
>> Is this possible with dovecot-2.2.36 / how to setup this?
> Not possible I'm afraid.

("Not possible" = challenge!)

Couldn't you run two different instances (with 2 separate run-time
directories), each listening on a different port with their own SSL
configuration?  Or would it clash somewhere?

If only a single running instance of dovecot is required, I guess you
can run dovecot on the localhost interface, and use 2 stunnel proxies.

Joseph Tam <jtam.home at gmail.com>

More information about the dovecot mailing list