At 10PM +0000 on 20/12/12 Tim Smith wrote:>
> Just trying to consolidate my knowledge of Dovecot and I want to
> understand various things rather than just key out lines of config in
> dovecot.conf with the hope of it working.
>
> What I wanted to clarify is my understanding the "socket listen"
section
> of the config file. From my limited understanding, this section details
> how other processes can access the userdb defined in Dovecot. The master
> socket is used for "internal" processes which is mainly
dovecot-lda so
> that when Dovecot receives mail it knows where to deliver it and client
> is defined for "external" processes, for example Postfix who
would use
> the info to determine if a user existed. Would you say this is a fair
> (albeit) dumbed down!!) synopsis of sockets and their purpose?
Your mention of 'socket listen' and 'master' auth sockets
suggests you
are using Dovecot 1.x. That description is pretty-much correct for 1.x,
however you should upgrade to 2.x as soon as you reasonably can, since
1.x is no longer supported. See http://wiki2.dovecot.org/Services#auth
for a description of the socket types available with Dovecot 2.
[The statement there that 'client' sockets can safely be exposed to the
entire world, including over inet sockets, is not entirely true. AFAIK
there is no rate limiting, so an exposed 'client' socket is a password
oracle and should therefore be somewhat protected. The risk is
approximately equivalent to an unshadowed password file, with the
encrypted passwords exposed.]
Ben