Nathan Schultheiss
2014-Jul-18 22:54 UTC
Difference btw. Dovecot Director and Dovecot Proxy
Hello, For a few days I try to understand what program (Dovecot Director or Dovecot Proxy) I should use for my email architecture. We are a hospital, and for security reasons, we must host ourselves our emails, and we must leave Google Apps... I wish to make a Dovecot backend for each department of the hospital. Each backend Dovecot has a local storage. Server 01: cardiology Server 02: emergency ... Server 05: administration Dovecot looks in the database which server to use to store email (lmtp) and transfer the mail for storage. I do not understand if I have to work with Dovecot Director or Proxy if I would that LMTP or IMAP request are forwarded to the right backend. Each have self storage and have not access to the other backend storage (no nfs, no network storage, ...). Users indicate imap.hospital.local, this point to Dovecot Director or Proxy and Dovecot check the login/password and forward the user to the right backend. In my database I put user at hospital = storage host 172.16.2.10 = folder /home/vmail/user/ (Maildir) I've read that the Director can refer the user to the same backend when there is a activ session (POP, IMAP, LMTP) But can we tell him to always refer the user to the same backend (IMAP and LMTP) ? I've found this picture schema who user have Dovecot Proxy => Dovecot Director => Dovecot Backend And I'm confused why they have proxy + director ?!? Can anyone tell me if I need to focus on Dovecot Director or Dovecot Proxy to create the architecture of this hospital ? My question is probably stupid for Dovecot sysadmin, but I'm lost in the WIKI :) Thanks in advance, Nathan
On 19.7.2014 00:54, Nathan Schultheiss wrote:> Hello, > > For a few days I try to understand what program (Dovecot Director or > Dovecot Proxy) I should use for my email architecture. > We are a hospital, and for security reasons, we must host ourselves our > emails, and we must leave Google Apps...OT: great, the less customers they have, the more they'll be forced to play nice with other mail service providers> > I wish to make a Dovecot backend for each department of the hospital. > Each backend Dovecot has a local storage. > > Server 01: cardiology > Server 02: emergency > ... > Server 05: administration > > Dovecot looks in the database which server to use to store email (lmtp) > and transfer the mail for storage. > > I do not understand if I have to work with Dovecot Director or Proxy if > I would that LMTP or IMAP request are forwarded to the right backend. > Each have self storage and have not access to the other backend storage > (no nfs, no network storage, ...). > > Users indicate imap.hospital.local, this point to Dovecot Director or > Proxy and Dovecot check the login/password and forward the user to the > right backend. > In my database I put user at hospital = storage host 172.16.2.10 = folder > /home/vmail/user/ (Maildir) > > I've read that the Director can refer the user to the same backend when > there is a activ session (POP, IMAP, LMTP) > But can we tell him to always refer the user to the same backend (IMAP > and LMTP) ? > > I've found this picture schema who user have Dovecot Proxy => Dovecot > Director => Dovecot Backend > And I'm confused why they have proxy + director ?!? > > Can anyone tell me if I need to focus on Dovecot Director or Dovecot > Proxy to create the architecture of this hospital ? > > My question is probably stupid for Dovecot sysadmin, but I'm lost in the > WIKI :) > > Thanks in advance, > > NathanAs for IMAP/POP3, I'd go for proxy - it's quite easy to set up if you have users in database, you pretty much just return 'y' as "proxy" field and storage backend's IP address as "host" field in password_query and Dovecot will do the rest. As for LMTP - you didn't mention what MTA are you using but if it's Postfix, you can configure it to use database data to translate user name into storage IP address - then you tell it to use LMTP to deliver to that IP. (Not sure about other MTAs.)