I'm a database noob, and it really seems like it would be overkill for my setup: I just want to proxy all connections from my DMZ to my internal mail server -- same internal server for all users. I used to use perdition for this set up, but am having issues getting it to play nicely with my new servers. Can I bypass all of the SQL stuff and just have dovecot forward all POP/IMAP connections to a specific server? Or perhaps set up a wild card lookup in the database (preferably something serverless like sqlite) so that no matter the query, it'll return one server? I don't really want to add "database management" to my list of jobs I have to do, especially for ~1000 users, and when I don't handle user creation/deletion. -- Dan Bongert dbongert at ssc.wisc.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3320 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20080401/2b3ffd83/attachment-0002.bin>
Dan Bongert wrote:> I'm a database noob, and it really seems like it would be overkill for > my setup: I just want to proxy all connections from my DMZ to my > internal mail server -- same internal server for all users. I used to > use perdition for this set up, but am having issues getting it to play > nicely with my new servers.iptables?
Hi Dan,
you can set up a static/simple passdb. All you have to do is to return
some
extrafields for proxying.
We had a 'passdb checkpassword' and I simply set those environment
variables
in our checkpassword script (python).
os.environ['proxy'] = 'Y' # if there is a proxy field,
proxying is
enabled whatever the value is
os.environ['host'] = '192.168.0.1' # the server to proxy the
connection to
os.environ['EXTRA'] = 'proxy host' # passdb checkpassword
needs to
know about the extra fields
os.environ['USER'] = user # the user to use
os.environ['HOME'] = '' # set on the 'host'
As you can see, you only have to enable proxying and set a destination
host
and all connections get forwarded 'dumb' ;).
Greets,
Ruben Lang
dovecot-bounces+r.lang=scan-plus.de at dovecot.org schrieb am 01.04.2008
23:45:07:
> I'm a database noob, and it really seems like it would be overkill for
my > setup: I just want to proxy all connections from my DMZ to my internal
mail > server -- same internal server for all users. I used to use perdition
for > this set up, but am having issues getting it to play nicely with my
> new servers.
>
> Can I bypass all of the SQL stuff and just have dovecot forward all
POP/IMAP > connections to a specific server? Or perhaps set up a wild card lookup
in > the database (preferably something serverless like sqlite) so that no
matter > the query, it'll return one server? I don't really want to add
"database
> management" to my list of jobs I have to do, especially for ~1000
users,
and > when I don't handle user creation/deletion.
>
> --
> Dan Bongert dbongert at ssc.wisc.edu
>
On Tue, 01 Apr 2008 16:45:07 -0500, Dan Bongert <dbongert at ssc.wisc.edu> wrote:> > I'm a database noob, and it really seems like it would be overkill for my > setup: I just want to proxy all connections from my DMZ to my internal mail > server -- same internal server for all users. I used to use perdition for > this set up, but am having issues getting it to play nicely with my new servers.Hi! We are using stunnel for this purpose: /usr/bin/stunnel -f -p /etc/stunnel/cert.pem -d externalIP:993 -s mail -g mail -r internalIP:143 Greetings -- Robert Sander Senior Manager Information Systems Epigenomics AG Kleine Praesidentenstr. 1 10178 Berlin, Germany phone:+49-30-24345-0 fax:+49-30-24345-555 http://www.epigenomics.com robert.sander at epigenomics.com