mail proxying

dethegeek nginx-forum at
Sat May 30 23:58:44 UTC 2015


I'm setting up nginx as a reverse proxy for a postfix / dovecot setup.

My imap server requires STARTTLS usage. Nginx seems to not issue STARTTLS
command before forwarding users credentials. 

Here is the error I found in /var/log/nginx/error.log

[error] 928#0: *20 upstream sent invalid response: "* BAD [ALERT] Plaintext
authentication not allowed without SSL/TLS, but your client did it anyway.
If anyone was listening, the password was exposed.

I did not found anything in the documentation to ask nginx to issue STARTTLS
command to the upstream server. Is there a way to achieve this ?

I did not tried pop3 yet, but I'm expecting the same annoyance. and the same
answer; let me know if I'm wrong.

Posted at Nginx Forum:,259279,259279#msg-259279

More information about the nginx mailing list