diff --git a/core/admin/mailu/internal/views/dovecot.py b/core/admin/mailu/internal/views/dovecot.py
index 07fce5b2..f9a07556 100644
--- a/core/admin/mailu/internal/views/dovecot.py
+++ b/core/admin/mailu/internal/views/dovecot.py
@@ -17,7 +17,7 @@ def dovecot_passdb_dict(user_email):
     return flask.jsonify({
         "password": None,
         "nopassword": "Y",
-        "allow_nets": ",".join(allow_nets)
+        "allow_real_nets": ",".join(allow_nets)
     })
 
 @internal.route("/dovecot/userdb/")
diff --git a/core/dovecot/conf/dovecot.conf b/core/dovecot/conf/dovecot.conf
index d9b85172..60c94238 100644
--- a/core/dovecot/conf/dovecot.conf
+++ b/core/dovecot/conf/dovecot.conf
@@ -11,6 +11,8 @@ default_internal_user = dovecot
 default_login_user = mail
 default_internal_group = dovecot
 
+haproxy_trusted_networks = {{ SUBNET }} {{ SUBNET6 }}
+
 ###############
 # Mailboxes
 ###############
@@ -109,6 +111,7 @@ protocol pop3 {
 service imap-login {
   inet_listener imap {
     port = 143
+    haproxy = yes
   }
 }
 
diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf
index b373fb13..7e5e7b5c 100644
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@@ -338,6 +338,7 @@ mail {
       starttls only;
       {% endif %}
       protocol imap;
+      proxy_protocol on;
       imap_auth plain;
       auth_http_header Auth-Port 143;
     }
@@ -349,6 +350,7 @@ mail {
       starttls only;
       {% endif %}
       protocol pop3;
+      proxy_protocol on;
       pop3_auth plain;
       auth_http_header Auth-Port 110;
     }
@@ -377,6 +379,7 @@ mail {
       listen 993 ssl;
       listen [::]:993 ssl;
       protocol imap;
+      proxy_protocol on;
       imap_auth plain;
       auth_http_header Auth-Port 993;
     }
@@ -385,6 +388,7 @@ mail {
       listen 995 ssl;
       listen [::]:995 ssl;
       protocol pop3;
+      proxy_protocol on;
       pop3_auth plain;
       auth_http_header Auth-Port 995;
     }