From 7a5cc5032b036f110a19b899cfc264065b473ed1 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 2 Jul 2014 17:54:24 +0200
Subject: Use stunnel to secure the connection from the IMAP proxy to the IMAP
 server.

The reason is that we don't want to rely on CAs to verify the
certificate of our server.  Dovecot currently doesn't offer a way to
match said cert against a local copy or known fingerprint.  stunnel
does.
---
 roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf      | 4 ++--
 roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'roles/IMAP-proxy/files/etc/dovecot')

diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
index 242762e..ea39a32 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
@@ -4,8 +4,8 @@
 # http://wiki2.dovecot.org/HowTo/ImapcProxy
 # http://wiki2.dovecot.org/Migration/Dsync
 
-imapc_host = imap.fripost.org
-imapc_port = 143
+imapc_host = localhost
+imapc_port = 993
 
 # Read multiple mails in parallel, improves performance
 mail_prefetch_count = 20
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
index e292092..7ab096f 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/auth-imap.conf.ext
@@ -4,7 +4,7 @@
 
 passdb {
   driver         = imap
-  args           = host=imap.fripost.org port=143
+  args           = host=localhost port=993
   default_fields = userdb_imapc_password=%w
 }
 
-- 
cgit v1.2.3