nginx-forum at nginx.us
Sat May 30 23:58:44 UTC 2015
I'm setting up nginx as a reverse proxy for a postfix / dovecot setup.
My imap server requires STARTTLS usage. Nginx seems to not issue STARTTLS
command before forwarding users credentials.
Here is the error I found in /var/log/nginx/error.log
[error] 928#0: *20 upstream sent invalid response: "* BAD [ALERT] Plaintext
authentication not allowed without SSL/TLS, but your client did it anyway.
If anyone was listening, the password was exposed.
I did not found anything in the documentation to ask nginx to issue STARTTLS
command to the upstream server. Is there a way to achieve this ?
I did not tried pop3 yet, but I'm expecting the same annoyance. and the same
answer; let me know if I'm wrong.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,259279,259279#msg-259279
More information about the nginx