--- a/src/lib-imap-client/imapc-client.c	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-imap-client/imapc-client.c	Sat Jan 16 21:31:55 2016 +0200
@@ -57,6 +57,7 @@
 	client->set.username = p_strdup(pool, set->username);
 	client->set.password = p_strdup(pool, set->password);
 	client->set.sasl_mechanisms = p_strdup(pool, set->sasl_mechanisms);
+	client->set.use_proxyauth = set->use_proxyauth;
 	client->set.dns_client_socket_path =
 		p_strdup(pool, set->dns_client_socket_path);
 	client->set.temp_path_prefix =

--- a/src/lib-imap-client/imapc-client.h	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-imap-client/imapc-client.h	Sat Jan 16 21:31:55 2016 +0200
@@ -73,6 +73,7 @@
 	/* Space-separated list of SASL mechanisms to try (in the specified
 	   order). The default is to use only LOGIN command or SASL PLAIN. */
 	const char *sasl_mechanisms;
+	bool use_proxyauth; /* Use Sun/Oracle PROXYAUTH command */
 	unsigned int max_idle_time;
 
 	const char *dns_client_socket_path;

--- a/src/lib-imap-client/imapc-connection.c	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-imap-client/imapc-connection.c	Sat Jan 16 21:31:55 2016 +0200
@@ -754,6 +754,25 @@
 }
 
 static void
+imapc_connection_proxyauth_login_cb(const struct imapc_command_reply *reply,
+				    void *context)
+{
+	struct imapc_connection *conn = context;
+	const struct imapc_client_settings *set = &conn->client->set;
+	struct imapc_command *cmd;
+
+	if (reply->state == IMAPC_COMMAND_STATE_OK) {
+		cmd = imapc_connection_cmd(conn, imapc_connection_login_cb,
+					   conn);
+		imapc_command_set_flags(cmd, IMAPC_COMMAND_FLAG_PRELOGIN);
+		imapc_command_sendf(cmd, "PROXYAUTH %s", set->username);
+		imapc_command_send_more(conn);
+	} else {
+		imapc_connection_auth_finish(conn, reply);
+	}
+}
+
+static void
 imapc_connection_authenticate_cb(const struct imapc_command_reply *reply,
 				 void *context)
 {
@@ -861,6 +880,15 @@
 		}
 	}
 
+	if (set->use_proxyauth && set->master_user != NULL) {
+		/* We can use LOGIN command */
+		cmd = imapc_connection_cmd(conn, imapc_connection_proxyauth_login_cb,
+					   conn);
+		imapc_command_set_flags(cmd, IMAPC_COMMAND_FLAG_PRELOGIN);
+		imapc_command_sendf(cmd, "LOGIN %s %s",
+				    set->master_user, set->password);
+		return;
+	}
 	if (sasl_mech == NULL &&
 	    ((set->master_user == NULL &&
 	      !need_literal(set->username) && !need_literal(set->password)) ||

--- a/src/lib-storage/index/imapc/imapc-settings.c	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-storage/index/imapc/imapc-settings.c	Sat Jan 16 21:31:55 2016 +0200
@@ -88,6 +88,7 @@
 	{ "search", IMAPC_FEATURE_SEARCH },
 	{ "zimbra-workarounds", IMAPC_FEATURE_ZIMBRA_WORKAROUNDS },
 	{ "no-examine", IMAPC_FEATURE_NO_EXAMINE },
+	{ "proxyauth", IMAPC_FEATURE_PROXYAUTH },
 	{ NULL, 0 }
 };
 

--- a/src/lib-storage/index/imapc/imapc-settings.h	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-storage/index/imapc/imapc-settings.h	Sat Jan 16 21:31:55 2016 +0200
@@ -11,7 +11,8 @@
 	IMAPC_FEATURE_GMAIL_MIGRATION		= 0x08,
 	IMAPC_FEATURE_SEARCH			= 0x10,
 	IMAPC_FEATURE_ZIMBRA_WORKAROUNDS	= 0x20,
-	IMAPC_FEATURE_NO_EXAMINE		= 0x40
+	IMAPC_FEATURE_NO_EXAMINE		= 0x40,
+	IMAPC_FEATURE_PROXYAUTH			= 0x80
 };
 /* </settings checks> */
 

--- a/src/lib-storage/index/imapc/imapc-storage.c	Fri Jan 15 19:36:46 2016 +0200
+++ b/src/lib-storage/index/imapc/imapc-storage.c	Sat Jan 16 21:31:55 2016 +0200
@@ -265,6 +265,7 @@
 		return -1;
 	}
 	set.sasl_mechanisms = imapc_set->imapc_sasl_mechanisms;
+	set.use_proxyauth = (imapc_set->parsed_features & IMAPC_FEATURE_PROXYAUTH) != 0;
 	set.max_idle_time = imapc_set->imapc_max_idle_time;
 	set.dns_client_socket_path = *ns->user->set->base_dir == '\0' ? "" :
 		t_strconcat(ns->user->set->base_dir, "/",