Hello Aki, On 10.02.20 20:34, Aki Tuomi wrote: > - configure HAproxy to use PROXYv1 or PROXYv2 to protocol to pass > connections details to dovecot. With recent enough dovecot, you can include > TLS information with haproxy to dovecot. > - configure login_trusted_networks and haproxy_trusted_networks > - set 'haproxy=yes' to the listener you are connecting with haproxy, so > dovecot knows to expect and parse the proxy protocol.
that part is working fine. Whether it's a proxied or non-proxied config can be ignored here. The essential question broken down to a minimum is, is there any way to 1) configure a dovecot service with plain unencrypted authentication (like imap-login for example) that also _does_not_ advertise starttls and at the same time 2) configure another dovecot service (like managesieve for example) that _does_ advertise starttls? Thanks Björn
