Sadly, I have spent all weekend on this and I'm hopping someone can tell me if what I want to do is even possible or a good idea.
I am trying to use an AWS Classic Load Balancer to terminate SSL before forwarding the decrypted TCP traffic to my EC2 Instance that has postfix and dovecot installed and configured for IMAP and SMTP.
I know Proxy Protocol will help forward along the original ip address and port, but how will postfix/dovecot know when the connection was an SSL one?
What about STARTLS, can that be configured to work with a load balancer?
My understanding is that the load balancer ports can either accept TCP or SSL, but not be configured for both.
Thank you for your help.