Hi!
I have installed Perdition on a server which (will) sits between my
mail server and mail gateway. Currently I am just running webmail via
the proxy and it works really great but my plan is to change the imap
CNAME to point to the proxy so that all connections from clients
(thunderbird, iphone, etc) will go via the proxy as well.
I have tested this and most clients worked fine as long as they were
using STARTTLS on port 143 or unencrypted connections (which won't be
allowed in production) however users connecting on port 993 seem "stuck"
to the real mailserver, I suspect it is some kind of SSL session thing.
Users connecting with STARTTLS immediately get a password prompt when
the DNS change is dected by their computer but with SSL on port 993 the
client fails to connect and / or sits there trying to connect
indefinately. Restarting perdition or the real mail server doesn't
change that behaviour.
The really weird thing is that it seemed to work for a handfull of
clients. Also, when changing the DNS back, some clients then remain
"stuck" to the proxy server instead (only port 993 users).
I am somewhat confused by the ssl_mode settings too. Advice would be
seriously appreciated :)
/Alan
PS: same is true for POP on port 995.
PPS: The real server and the proxy have different certs, proxy has a
real one whereas the imap server has a self signed.
Show replies by date