> > IOW, > > dovecot would see an SSL connection too. > > Hmm, yes. I took it to mean that the 'encrypt' of > > encrypt(compress(imap stream)) > > was the "extra layer". But, I think your interpretation is more easily > arrived at, and if it's what Mark meant, you're absolutely right that the > tunnel won't help. > > A compressed SSH tunnel to regular, non-SSL IMAP should work to reduce > traffic, though.
Absolutely. And it'll even be considered 'secure' since local
connections are secure.
OTOH, if you're going to the trouble to use ssh anyway, can Thunderbird
do something like a "connect command"? I use that in evolution, and mine
looks like something like this:
ssh -C mailserver '/usr/sbin/dovecot --exec-mail imap'
where 'mailserver' really is an alias in my .ssh/config
johannes
signature.asc
Description: This is a digitally signed message part
