Hello fellow self-hosters. Is it possible to use NGINX as a proxy for an IMAP service where the IMAP server is located on a different host? I have a cloud VPS running NGINX which is connected to my home network via a WireGuard tunnel. What I would like to do is run the IMAP server (Dovecot) in my own network and have NGINX proxy the connection. I have tried doing searches based on this but the examples don’t show how to specify the IMAP server for the connection to be redirected to for the lack of a better phrase. I know streaming is possible. Would this be the way to do?
I would love an example to go on. Thanks very much!
I see you, fellow data sovereignty aficionado.
My first thought would be to try and set up iptables/nftables forwarding for this.
Personally I opted to just use my VPS as a MITM mail relay and just forward inbound mail for my domains to my own on-prem dovecot instance.
…your way is probably easier
I will use my VPS as an SMTP smart host because I have a residential dynamic DNS connection and many mail providers block those IPs by default. I have to see if my Oracle always free tier will let me use port 25. I have a feeling I may bit shit out of luck on that front.
Yeah I shell out ~$3 per month for the privilege of indulging in the insanity of self hosting email.
Right now I pay 15.00 a year for email through Zoho and it works really well so maybe it is folly for me to change it up. It’s more the principle of having to pay for email chaps at my ass when I have the technical know-how to do it myself. But Zoho is probably not selling my data since I am a paid member.
It really comes down to what value you assign to having private email storage… unless you’re having GPG encrypted convos, its probably pretty moot anyway as one side is going to have a copy of the email trail and theres a 98% probability its google, microsoft or …yahoo I guess?
I might be talking myself out of this, this is now a therapy session
I actually considered doing port forwarding and NAT for this but I would run into a problem with NAT reflection. I’d have to implement split-brain DNS to avoid this. It’s more efficient to simple proxy the connection. If I am unsuccessful, however, I will resort to port forwarding.