fripost-ansible/roles/IMAP-proxy/files/etc/stunnel, branch master Fripost ansible scripts Remove the IMAP caching proxy. 2016-05-28T12:17:19+00:00 Guilhem Moulin guilhem@fripost.org 2016-05-28T11:52:48+00:00 0084cd71699b4ad55c2912647f93afa32bbf7671 Dovecot imapc requires two authentication rounds to the IMAP backend for each connection. It seems suboptimal that Roundcube keeps connecting to the IMAP server for each new connection, but benchmarks shows little advantage in caching the IMAP sessions with imapproxy: http://www.dovecot.org/list/dovecot/2012-February/133544.html 
Dovecot imapc requires two authentication rounds to the IMAP backend for
each connection.  It seems suboptimal that Roundcube keeps connecting to
the IMAP server for each new connection, but benchmarks shows little
advantage in caching the IMAP sessions with imapproxy:

  http://www.dovecot.org/list/dovecot/2012-February/133544.html
Use systemd unit files for stunnel4. 2016-05-12T09:33:55+00:00 Guilhem Moulin guilhem@fripost.org 2016-05-11T16:07:09+00:00 90d498034b891123350785a134402172de477f4f 






stunnel: disable compression.
2015-10-27T15:26:24+00:00

Guilhem Moulin
guilhem@fripost.org

2015-10-27T15:26:24+00:00

c2b9d04ecef5babc028728d4426aab9237b5ce86












stunnel: use GCM ciphers only; use SSL options rather than ciphers to disable protocols.
2015-10-27T15:13:40+00:00

Guilhem Moulin
guilhem@fripost.org

2015-10-27T15:13:40+00:00

04bd46f2b238c052fe98a538c3601da131ccc343












Rename imap.conf → roundcube.conf
2015-06-07T00:54:24+00:00

Guilhem Moulin
guilhem@fripost.org

2015-06-04T16:57:34+00:00

e8514e6a5ed5677c52cceb6c526c33d9bb235355












stunnel.conf → imap.conf
2015-06-07T00:54:09+00:00

Guilhem Moulin
guilhem@fripost.org

2015-06-01T16:42:43+00:00

2b308feeeaf36017e4255c2685b7a5609b290957












Upgrade the webmail configuration from Wheezy to Jessie.
2015-06-07T00:53:54+00:00

Guilhem Moulin
guilhem@fripost.org

2015-05-31T02:02:00+00:00

b29601e313e8d35ec7edee343c82ca71ed6a3a12












Disable Nagle's algorithm (and SSLv3) in stunnel.
2015-06-07T00:52:29+00:00

Guilhem Moulin
guilhem@fripost.org

2014-07-04T21:04:17+00:00

379a4b157c50645bdc7bb134b245bdd6e4938061












Use stunnel to secure the connection from the IMAP proxy to the IMAP server.
2015-06-07T00:52:15+00:00

Guilhem Moulin
guilhem@fripost.org

2014-07-02T15:54:24+00:00

7a5cc5032b036f110a19b899cfc264065b473ed1

The reason is that we don't want to rely on CAs to verify the
certificate of our server.  Dovecot currently doesn't offer a way to
match said cert against a local copy or known fingerprint.  stunnel
does.





The reason is that we don't want to rely on CAs to verify the
certificate of our server.  Dovecot currently doesn't offer a way to
match said cert against a local copy or known fingerprint.  stunnel
does.