[Dovecot] Dovecot as IMAP proxy to Exchange

Willie Gillespie wgillespie+dovecot at es2eng.com
Thu Dec 9 23:10:58 EET 2010

Hugo Monteiro wrote:
> Hello list,
> I'm looking into the possibility to setup dovecot to act as an IMAP 
> proxy to an Exchange server.
> Things i know beforehand:
> - I will not be able to use the ldap (Active Directory) user DN for auth 
> binds (but i discovered that i could could use the user 
> userPrincipalName attribute as bind DN. I tested it using ldapsearch and 
> it worked fine.)
> - I will not be able to perform any unbinded searches.
> - The Exchange server is unique, so i can setup a static proxy route to 
> the server.
> Given the above, i'd like to post some questions:
> 1 - Will i be able to use auth_bind = yes given the restrictions? My 
> first guess is that this might work if i use something like 
> "auth_bind_userdn = %u at example.org"

Yes, you can do things like "auth_bind_userdn = %n at example.org"  As long 
as it works to bind that way with ldapsearch you should be fine.

> 2 - Will i be able to specify a static route to the exchange server, not 
> having to rely on that information from the AD itself?

Don't know the answer here.

> Another thing i'd like to know is if NTLM auth can be used while dovecot 
> acts only as proxy.

Hmm, I don't think so with auth_bind = yes.  I could be wrong though.

More information about the dovecot mailing list