Re: [SPAMMY]Re: Dovecot LMTP Proxy + STARTTLS?

2017-11-26 Thread Stephan Bosch 
Op 11/23/2017 om 8:44 PM schreef tobiswo...@gmail.com:
> Hi
>
> thanks for the link. Read that page before but somehow missed the
> comment about ssl+lmtp proxy :-)
>
> Are there any plans to implement that to dovecot in future?

Shouldn't be a problem for v2.3.

Regards,

Stephan.

> Regards
>
> tobi
>
> Am 23.11.2017 um 18:38 schrieb Carsten Rosenberg:
>> NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any 
>> ssl/starttls extra field is ignored
>>
>> https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
>>
>> Am 23. November 2017 09:31:41 MEZ schrieb Tobi :
>>> Hi
>>>
>>> I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is
>>> configured to act as director and delivers to my two backend servers.
>>> I enabled lmtp proxy on director to listen on port 24.
>>>
>>> Now I see in msg headers that the connection to the lmtp proxy uses
>>> STARTTLS but the connection from proxy to backend seems to be
>>> unencrypted. Is it possible to enforce the use of STARTTLS in the
>>> connection from the director to the backend as well?
>>>
>>> Regards
>>>
>>> tobi

[SPAMMY]Re: Dovecot LMTP Proxy + STARTTLS?

2017-11-26 Thread Carsten Rosenberg 
NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any 
ssl/starttls extra field is ignored

https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

Am 23. November 2017 09:31:41 MEZ schrieb Tobi :
>Hi
>
>I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is
>configured to act as director and delivers to my two backend servers.
>I enabled lmtp proxy on director to listen on port 24.
>
>Now I see in msg headers that the connection to the lmtp proxy uses
>STARTTLS but the connection from proxy to backend seems to be
>unencrypted. Is it possible to enforce the use of STARTTLS in the
>connection from the director to the backend as well?
>
>Regards
>
>tobi

Re: Dovecot LMTP Proxy + STARTTLS?

2017-11-26 Thread Matt Bryant 
Not according to dovecot doco ... from
https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

*NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any
ssl/starttls extra field is ignored

*rgds

Matt


> Tobi 
> 23 November 2017 at 6:31 pm
> Hi
>
> I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is
> configured to act as director and delivers to my two backend servers.
> I enabled lmtp proxy on director to listen on port 24.
>
> Now I see in msg headers that the connection to the lmtp proxy uses
> STARTTLS but the connection from proxy to backend seems to be
> unencrypted. Is it possible to enforce the use of STARTTLS in the
> connection from the director to the backend as well?
>
> Regards
>
> tobi

Re: [SPAMMY]Re: Dovecot LMTP Proxy + STARTTLS?

2017-11-23 Thread tobisworld 
Hi

thanks for the link. Read that page before but somehow missed the
comment about ssl+lmtp proxy :-)

Are there any plans to implement that to dovecot in future?

Regards

tobi

Am 23.11.2017 um 18:38 schrieb Carsten Rosenberg:
> NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any 
> ssl/starttls extra field is ignored
> 
> https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
> 
> Am 23. November 2017 09:31:41 MEZ schrieb Tobi :
>> Hi
>>
>> I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is
>> configured to act as director and delivers to my two backend servers.
>> I enabled lmtp proxy on director to listen on port 24.
>>
>> Now I see in msg headers that the connection to the lmtp proxy uses
>> STARTTLS but the connection from proxy to backend seems to be
>> unencrypted. Is it possible to enforce the use of STARTTLS in the
>> connection from the director to the backend as well?
>>
>> Regards
>>
>> tobi

Dovecot LMTP Proxy + STARTTLS?

2017-11-23 Thread Tobi 
Hi

I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is
configured to act as director and delivers to my two backend servers.
I enabled lmtp proxy on director to listen on port 24.

Now I see in msg headers that the connection to the lmtp proxy uses
STARTTLS but the connection from proxy to backend seems to be
unencrypted. Is it possible to enforce the use of STARTTLS in the
connection from the director to the backend as well?

Regards

tobi