Uldis Pakuls
2008-Feb-11 17:02 UTC
[Dovecot] Dovecot auth-master socket as postfix table lookup source.
Hi all. Intro: Timo has already done great job providing patch which allows postfix to authenticate directly against dovecot (included in latest postfix sorce code/release). Now I'm looking around for one more thing. I want to use dovecot's user db as source for postfix lookup tables. In particular: virtual_mailbox_maps Main reason is - postfix access rules and fighting against spam. This will allow to look up dovecot dovecot's user-db and check status of user. If user not exist mail is rejected at SMTP protocol level (instead of accepting mail and later getting bounce for dovecot's deliver). Rules I use looks like: smtpd_recipient_restrictions permit_sasl_authenticated, permit_auth_destination, reject Of course I can write simple script which duplicates dovect's user-db information in format usable by postfix's postmap (this is way in all may mail systems works now). What I want is implement lookups directly against dovecot. Such table can be used for postfix virtual deliver too. It seems implement Dovecot authentication protocol for use in postfix table lookup mechanism is relative easy. Also there is no need to patch complete postfix source code. Postfix allow to create pugins (external dynamically loadable libraries) for such task. recent postfix source code already includes such plugins for mysql, ldap etc.. My question is - my be some one has already made such plugin or my be someone is interested to cooperate in such job. [my be Timo itsef?:))] Uldis
Timo Sirainen
2008-Feb-11 17:19 UTC
[Dovecot] Dovecot auth-master socket as postfix table lookup source.
On Mon, 2008-02-11 at 19:02 +0200, Uldis Pakuls wrote:> Now I'm looking around for one more thing. I want to use dovecot's > user db as source for postfix lookup tables. > In particular: virtual_mailbox_mapsThere's a semi-standard UNIX socket protocol for this that's implemented by Postfix, Sendmail and Cyrus and maybe others. I don't remember its name right now though. Maybe if auth-master socket is named specially it could use this protocol instead. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20080211/923c2328/attachment-0002.bin>