Re: IMAP Proxy for Security

[Henri Salo <henri () nerv fi>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 11 Sep 2010 17:44:58 -0700
G Farnham <gfarnham () gmail com> wrote:

> Does anyone have experience setting up an IMAP proxy for Security that
> they can share?
> The scenario is this:
> You have a mail server (e.g. Exchange) on your internal.  Your users
> have smart phones that they want to be able to connect to imap from an
> IP.
> You want to put a proxy in DMZ add some security and proxy IMAP over
> TLS (port 993) to your mail server.
> By "add some security" this could be things like check if protocol
> meets RFC, connecting limiting, additional authentication, etc.
> Most of the imap proxy info I have found is about deploying proxies
> for performance or architectural reasons.  Looks like the proxies just
> pass the connection through and don't add security.
>
> The ones I've come across are:
> Cyrus  http://www.cyrusimap.org/
> ImapProxy  http://imapproxy.org/
> Nginx  http://wiki.nginx.org/Main
> Perdition  http://horms.net/projects/perdition/
> Dovecot  http://www.dovecot.org/
>
> All suggestions welcome.
>
> G

I suggest that you should use Dovecot. It has proven to be very good
software. I have never used it as a proxy, but I think that shouldn't
be hard to do even with using some other tools like fetchmail or such.

Best regards,
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkyOTMIACgkQXf6hBi6kbk9jGACdEB7f0g29K2bSY9364G3cpGCk
UbMAnRcsq/hQdu2oheSljmJ35EEyb1Oy
=4wFM
-----END PGP SIGNATURE-----