Use stunnel to secure the connection from the IMAP proxy to the IMAP server.

The reason is that we don't want to rely on CAs to verify the certificate of our server. Dovecot currently doesn't offer a way to match said cert against a local copy or known fingerprint. stunnel does.
author: Guilhem Moulin <guilhem@fripost.org> 2014-07-02 17:54:24 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:52:15 +0200
commit: 7a5cc5032b036f110a19b899cfc264065b473ed1 (patch)
tree: e3b0960dea5ee0203dda36013adf2fcaba4c8a8f /roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
parent: 7becb5c762df5089bb0c4ff5a7f2fb026379fcb3 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
index e292092..7ab096f 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
@@ -1,17 +1,17 @@
 # Authentication via remote IMAP server. Included from auth.conf.
 #
 # <doc/wiki/PasswordDatabase.IMAP.txt>
 
 passdb {
   driver         = imap
-  args           = host=imap.fripost.org port=143
+  args           = host=localhost port=993
   default_fields = userdb_imapc_password=%w
 }
 
 # "prefetch" user database means that the passdb already provided the
 # needed information and there's no need to do a separate userdb lookup.
 # <doc/wiki/UserDatabase.Prefetch.txt>
 userdb {
   driver         = prefetch
   default_fields = home=/home/imapproxy/%d/%n
 }
author	Guilhem Moulin <guilhem@fripost.org>	2014-07-02 17:54:24 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:52:15 +0200
commit	7a5cc5032b036f110a19b899cfc264065b473ed1 (patch)
tree	e3b0960dea5ee0203dda36013adf2fcaba4c8a8f /roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
parent	7becb5c762df5089bb0c4ff5a7f2fb026379fcb3 (diff)