Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Nathan M
On Thu, Aug 27, 2009 at 8:55 AM, Michael Orlitzky wrote: >> Also, some users "need" to check email with username only, so the >> local_ip variable is used within the dovecot-sql query to lookup some >> virtual users by  username only + match the local_ip to a table with >> domain+ip lookup. > > Ok,

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Michael Orlitzky
Nathan M wrote: On Thu, Aug 27, 2009 at 12:03 AM, Michael Orlitzky wrote: Nathan M wrote: Traditionally this server has only accepted plaintext authentications; however, we want to change that and enable TLS/SSL. The challenge is the server has hundreds of IP addresses it binds to to listen on

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Nathan M
On Thu, Aug 27, 2009 at 6:54 AM, Timo Sirainen wrote: > On Wed, 2009-08-26 at 18:27 -0700, Nathan M wrote: >> 1. Ideal scenario.  A config option which tells TLS to only respond on >> certain IPs.  In our case if a connection attempts to initiate TLS on >> any IP address except 10.0.0.2, it would r

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Nathan M
On Thu, Aug 27, 2009 at 12:03 AM, Michael Orlitzky wrote: > Nathan M wrote: >> >> Traditionally this server has only accepted plaintext authentications; >> however, we want to change that and enable TLS/SSL.  The challenge is >> the server has hundreds of IP addresses it binds to to listen on ports

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Timo Sirainen
On Wed, 2009-08-26 at 18:27 -0700, Nathan M wrote: > 1. Ideal scenario. A config option which tells TLS to only respond on > certain IPs. In our case if a connection attempts to initiate TLS on > any IP address except 10.0.0.2, it would respond with no TLS support. > This would be ideal as we cou

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-27 Thread Michael Orlitzky
Nathan M wrote: Traditionally this server has only accepted plaintext authentications; however, we want to change that and enable TLS/SSL. The challenge is the server has hundreds of IP addresses it binds to to listen on ports 110/143. It may be 3am, but I'm pretty sure that this is the part o

Re: [Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-26 Thread Jase Thew
On 27/08/2009 02:27, Nathan M wrote: 1. Ideal scenario. A config option which tells TLS to only respond on certain IPs. In our case if a connection attempts to initiate TLS on any IP address except 10.0.0.2, it would respond with no TLS support. This would be ideal as we could continue running

[Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

2009-08-26 Thread Nathan M
Traditionally this server has only accepted plaintext authentications; however, we want to change that and enable TLS/SSL. The challenge is the server has hundreds of IP addresses it binds to to listen on ports 110/143. Enabling TLS/SSL is not an option because as this is a virtual hosting enviro