diff options
Diffstat (limited to 'roles/IMAP-proxy/files')
| -rw-r--r-- | roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf | 4 | ||||
| -rw-r--r-- | roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext | 2 | ||||
| -rw-r--r-- | roles/IMAP-proxy/files/etc/stunnel/stunnel.conf | 57 |
3 files changed, 60 insertions, 3 deletions
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf index 242762e..ea39a32 100644 --- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf +++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf @@ -4,8 +4,8 @@ # http://wiki2.dovecot.org/HowTo/ImapcProxy # http://wiki2.dovecot.org/Migration/Dsync -imapc_host = imap.fripost.org -imapc_port = 143 +imapc_host = localhost +imapc_port = 993 # Read multiple mails in parallel, improves performance mail_prefetch_count = 20 diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext index e292092..7ab096f 100644 --- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext +++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext @@ -4,7 +4,7 @@ passdb { driver = imap - args = host=imap.fripost.org port=143 + args = host=localhost port=993 default_fields = userdb_imapc_password=%w } diff --git a/roles/IMAP-proxy/files/etc/stunnel/stunnel.conf b/roles/IMAP-proxy/files/etc/stunnel/stunnel.conf new file mode 100644 index 0000000..026bc30 --- /dev/null +++ b/roles/IMAP-proxy/files/etc/stunnel/stunnel.conf @@ -0,0 +1,57 @@ +; Sample stunnel configuration file for Unix by Michal Trojnara 2002-2012 +; Some options used here may be inadequate for your particular configuration +; This sample file does *not* represent stunnel.conf defaults +; Please consult the manual for detailed description of available options + +; ************************************************************************** +; * Global options * +; ************************************************************************** + +; A copy of some devices and system files is needed within the chroot jail +; Chroot conflicts with configuration file reload and many other features +; Remember also to update the logrotate configuration. +;chroot = /var/lib/stunnel4/ +; Chroot jail can be escaped if setuid option is not used +setuid = stunnel4 +setgid = stunnel4 + +; PID is created inside the chroot jail +pid = /var/run/stunnel4/stunnel4.pid + +; Debugging stuff (may useful for troubleshooting) +debug = 4 +;output = /var/log/stunnel4/stunnel.log + +; ************************************************************************** +; * Service defaults may also be specified in individual service sections * +; ************************************************************************** + +; Certificate/key is needed in server mode and optional in client mode +;cert = /etc/stunnel/mail.pem +;key = /etc/stunnel/mail.pem +client = yes +socket = a:SO_BINDTODEVICE=lo + +; Authentication stuff needs to be configured to prevent MITM attacks +verify = 4 + +; Disable support for insecure SSLv2 protocol +options = NO_SSLv2 +; Workaround for Eudora bug +;options = DONT_INSERT_EMPTY_FRAGMENTS + +; These options provide additional security at some performance degradation +;options = SINGLE_ECDH_USE +;options = SINGLE_DH_USE + +; ************************************************************************** +; * Service definitions (remove all services for inetd mode) * +; ************************************************************************** + +[imaps] +accept = localhost:993 +connect = imap.fripost.org:993 +CAfile = /etc/stunnel/certs/imap.fripost.org.pem +ciphers = ECDH+AES:DH+AES + +; vim:ft=dosini |