south africa
2009-Mar-16 14:38 UTC
[Dovecot] Dovecot as a POP3-/POP3SSL-proxy in front of exchange 2003
Dear all, im looking for a solution to protect an Exchange 2003 email server from direct "pop3-internet-connects". Is it possible that Dovecot act as a POP3-/POP3SSL-Proxy, "LDAP-authenticate" all user logins to a Windows 2003 domain controller and forward then all POP3-connects to a single Exchange 2003 server? Could someone give me some advices or a link for howtos for this solution? The howto on www.dovcot.org (http://wiki.dovecot.org/HowTo/ImapProxy) does not fit in my situation because it prefere a mysql server and not a LDAP-server/domain-controller. Greetings Paul _____________________________________________________________ Get your FREE TheDoghouseMail email address at http://www.thedoghousemail.com
Steffen Kaiser
2009-Mar-17 13:06 UTC
[Dovecot] Dovecot as a POP3-/POP3SSL-proxy in front of exchange 2003
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 16 Mar 2009, south africa wrote:> Is it possible that Dovecot act as a POP3-/POP3SSL-Proxy, > "LDAP-authenticate" all user logins to a Windows 2003 domain controller > and forward then all POP3-connects to a single Exchange 2003 server?About the auth search the archives for auth and ad, e.g. you'll find "[Dovecot] Dovecot authenticating---> Active Directory Win2003". There you'll also find a discussion, why not do so :) but use kerberos instead.> Could someone give me some advices or a link for howtos for this solution?Google "dovecot proxy ldap" and you'll find: "[Dovecot] Ldap Proxy" as well as "[Dovecot] proxy mode and ldap" quite easily.> The howto on www.dovcot.org (http://wiki.dovecot.org/HowTo/ImapProxy) > does not fit in my situation because it prefere a mysql server and not a > LDAP-server/domain-controller.Actually, this is the doc, that applies to you. It says: Have your passdb return: uid, host and proxy. nodelay and nologin is good, too. http://wiki.dovecot.org/AuthDatabase/LDAP/Userdb Describes how to add static fields to a LDAP pass_attr/user_attr= query, e.g.: pass_attrs uid=user,userPassword=password,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes The syntax is roughly: ldapAttribute=DovecotData=staticValue if ldapAttribute is an empty string, the staticValue is used. It's kind of confusing sometimes. Bye. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSb+gc3WSIuGy1ktrAQJ1vwf/Y4hUbot9oYanPoiCq2PekuZFdAdC1Ezm AJZrx4TaFi3ARJHACzng/ReT18r/EHX5akHbEfTgy0/5mCwWDUqRTOwYiDZlZ/Y9 nYVIQqi0qrMj7HcWCPHQdgj4lDLsDwa9sNCoLM7c/oyTEifO9XLSMz2+nhsGNq31 0tTDk8Ud/wzotU+mkZ0bskLCUFPPFK4Yy7kRfv/mI5Yd4n5DyEkZdHIxvdqZijlA 2r7NAGm7RdC/Z3zYAp/lSl9lW3XIjqhYuYkflTNoyQ+zt0MOnNIzzvL3ofsuHP+8 1jvFQd3m8yJC5Uu5tIJzHKaLwW+5I97DTk8xRtyFW3AjymUbh6EQnQ==kj7L -----END PGP SIGNATURE-----