[olug] IMAPS proxy?
Phil Brutsche
phil at brutsche.us
Fri Jan 25 07:14:13 UTC 2008
Wouldn't stunnel be simpler?
Obi-Wan wrote:
> Do any of you folks know of any software that will proxy IMAPS
> (port 993) connections, terminate the SSL at the proxy, and then
> pass the connection off to a back-end IMAP (non-SSL) server?
>
> The non-negotiable back-end server is Oracle Collaboration Suite,
> but let's just assume it's an arbitrary, standards-compliant IMAP
> server. OCS has the annoying feature that turning on SSL is an
> all or nothing venture. Either EVERYBODY (even in house) uses
> SSL for all connections (web, email, & calendar), or NOBODY can.
> There's no way to require it from external connections without
> also requiring it internally. SSL imposes a hefty CPU load, so
> we'd rather avoid it altogether and move the SSL terminator out
> to a reverse proxy in our DMZ. We've done that with HTTP using
> Squid, but IMAP is proving difficult.
>
> The only IMAP proxy I've been able to find is a Russian program
> named nginx (Engine-X), but English documentation is sparse, and
> I can't find anything that tells how to configure an IMAPS proxy
> (although it does claim to support it).
>
--
Phil Brutsche
phil at brutsche.us
More information about the OLUG
mailing list