summaryrefslogtreecommitdiffstats
path: root/roles/IMAP/files/etc/dovecot
diff options
context:
space:
mode:
Diffstat (limited to 'roles/IMAP/files/etc/dovecot')
-rw-r--r--roles/IMAP/files/etc/dovecot/conf.d/10-master.conf1
-rw-r--r--roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf8
2 files changed, 9 insertions, 0 deletions
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-master.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-master.conf
index 51ed7c6..d477d01 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-master.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-master.conf
@@ -18,6 +18,7 @@ service imap-login {
inet_listener imap {
address = 172.16.0.1
port = 143
+ ssl = no
}
inet_listener imaps {
port = 993
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
index a733e94..4eabe53 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
@@ -5,6 +5,14 @@
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
ssl = required
+# No need for SSL if the packets are protected by IPSec.
+local 172.16.0.1 {
+ protocol imap {
+ disable_plaintext_auth = no
+ ssl = no
+ }
+}
+
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed