Re: [Dovecot] Questions about Proxy/Director

[Patrick Westenberg]

Hi again,

I have a working test environment not but I don't feel very comfortable 
with a non encrypted connection between the proxy/director and the 
backend servers.

If I set ssl = required on my backend server I get this error:
imap-login: Disconnected (tried to use disabled plaintext auth)

Is there a chance to encrypt this connection?



# 2.0.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.3
auth_debug = yes
auth_verbose = yes
director_mail_servers = 172.17.0.31
director_servers = 172.17.213.213
disable_plaintext_auth = no
lmtp_proxy = yes
mail_debug = yes
passdb {
  args = proxy=y nopassword=y
  driver = static
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = dovecot
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 5515
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  executable = imap-login director
}
ssl = required
ssl_cert = </etc/ssl/certs/***.crt
ssl_key = </etc/ssl/certs/***.key

and the backend

# 2.0.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.3
disable_plaintext_auth = no
listen = 172.17.0.31
mail_gid = vmail
mail_home = /var/mail/%d/%n
mail_location = mdbox:~/mdbox
mail_plugins = quota
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = INBOX.Sent
  autocreate2 = INBOX.Trash
  autocreate3 = INBOX.Drafts
  autocreate4 = INBOX.Spamverdacht
  autosubscribe = INBOX.Sent
  autosubscribe2 = INBOX.Trash
  autosubscribe3 = INBOX.Drafts
  autosubscribe4 = INBOX.Spamverdacht
  quota = dict:User quota::file:%h/mdbox/dovecot-quota
  quota_rule2 = INBOX.Trash:storage=+100M
  quota_warning = storage=90%% quota-warning 90 %u
  quota_warning2 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
}
protocols = imap sieve
service imap-login {
  service_count = 1
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
  service_count = 1
}
ssl = required
ssl_cert = </etc/ssl/certs/imap.wk-serv.de.crt
ssl_key = </etc/ssl/certs/imap.wk-serv.de.key
userdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol imap {
  mail_plugins = quota imap_quota autocreate
}