Hi,
First, my version:
[root at centos1 conf.d]# dovecot --version
2.2.15
[root at centos1 conf.d]#
I have already configured dovecot that way (on one single VM, so everythinh is
stored on the same machine)
- A post fix server sending out to LMTP
- LMTP is the dovecot LMTP server, configured with "lmtp-proxy=
no",
- LMTP checks the users receiving messages by using Linux passwd file
"userdb" section in auth-passwdfile.conf.ext,
- IMAP LOGINS are authenticated using DIGEST-MD5 also configured in
auth-passwdfile.conf.ext :
-
# Authentication for passwd-file users. Included from 10-auth.conf.
#
# passwd-like file with specified location.
# <doc/wiki/AuthDatabase.PasswdFile.txt>
passdb {
driver = passwd-file
args = scheme=DIGEST-MD5 username_format=%n /etc/dovecot/users.DIGEST-MD5
#args = scheme=CRAM-MD5 username_format=%n /etc/dovecot/users.CRAM-MD5
}
userdb {
driver = passwd
# Default fields that can be overridden by passwd-file
#default_fields = quota_rule=*:storage=1G
default_fields = uid=root gid=root home=/home/%n
# Override fields from passwd-file
#override_fields = home=/home/virtual/%u
}
This works fine, I can send messages through SMTP, and read them using IMAP
access.
But now, I woukd like to have amore structured architecture with :
- A LMTP server configured as PROXY : has to identify the user, and
proxy the request to the backen LMTP server (where its mailbox will stand)
- On backend, I also have to start another LMTP serevr, but not
configured in proxy mode of course,
- Same for IMAP : IMAP proxy first checking LOGIN credentials, and then
forwarding to IMAP server running on backend.
As a first step, I would like to continue using my files to authenticate uses
(so passwd file , and users.DIGEST-MD5), but final goal will be using a MySQL
DB.
So my main question are :
1) I just made a test and changed "lmtp_proxy" to
"yes" in my 20_lmtp.cong file, but, strangely, this did not cah nge
anything ! The LMTP process still receives mails and stores them on the local
host ,
2) Are there any documentation describing this process in details ? I only
found some pieces on wiki pages, but not enough unfortunately ...
3) Are there some configuratiion files ready to use for my configuration.
Thanks in advance.
Cordialement.
Guenha?l.
This message contains information that may be privileged or confidential and is
the property of the Capgemini Group. It is intended only for the person to whom
it is addressed. If you are not the intended recipient, you are not authorized
to read, print, retain, copy, disseminate, distribute, or use this message or
any part thereof. If you receive this message in error, please notify the sender
immediately and delete all copies of this message.
On Mon, Dec 22, 2014 at 12:06 PM, Le Moing, Guenha?l < guenhael.le-moing at capgemini.com> wrote:> > So my main question are : > > > 1) I just made a test and changed "lmtp_proxy" to "yes" in my > 20_lmtp.cong file, but, strangely, this did not cah nge anything ! The LMTP > process still receives mails and stores them on the local host , > > 2) Are there any documentation describing this process in details ? I > only found some pieces on wiki pages, but not enough unfortunately ... > > 3) Are there some configuratiion files ready to use for my > configuration. > > Thanks in advance. > > Cordialement. > > Guenha?l. > This message contains information that may be privileged or confidential > and is the property of the Capgemini Group. It is intended only for the > person to whom it is addressed. If you are not the intended recipient, you > are not authorized to read, print, retain, copy, disseminate, distribute, > or use this message or any part thereof. If you receive this message in > error, please notify the sender immediately and delete all copies of this > message. >Hi Guenha?l I was working in a project with 2 "front-end" servers (POP3/IMAP/LMTP proxy) and 2 "back-end" servers (Mailbox). I configured Director[1] in the proxies to reduce conflicts and master-password[2]. My proxies don't have userdb nor location because they do not store emails, those configs are in the back-end. My backend is an "standalone" Dovecot but with master-password allowed in trusted networks as described in the wiki[2][3]. Also, I configured PoolMon[4] in all proxies and added Debian/Ubuntu scripts[5]. [... I removed some configs for short...] ------------ PROXY doveconf -------------- [...] director_mail_servers = 10.0.0.74 10.0.0.75 director_servers = 10.0.0.72 10.0.0.73 doveadm_port = 24245 lmtp_proxy = yes passdb { driver = pam override_fields = proxy=y ssl=any-cert master=proxy at alpha.mydomain.com pass=<PASSWORD-PROXY-MASTER> } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap-login { executable = imap-login director [...] } service ipc { unix_listener ipc { user = dovecot } } service lmtp { executable = lmtp -L [...] } service pop3-login { executable = pop3-login director [...] } protocol lmtp { auth_socket_path = director-userdb [...] } protocol doveadm { auth_socket_path = director-userdb } local 10.0.0.0/24/24 { doveadm_password = <PASSWORD-DOVEADM> doveadm_port = 24245 } ----------------- END -------------------------------------- Not sure if this will work for you but maybe it helps you to get an idea. Regards, Manuel Delgado ----------------------------------------------------------- *Usuario Linux* *#520940 <http://counter.li.org/>* Bach. Computaci?n e Inform?tica Universidad de Costa Rica [1] http://wiki2.dovecot.org/Director [2] http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy [3] http://wiki2.dovecot.org/Authentication/MasterUsers [4] http://www.dovecot.org/list/dovecot/2010-August/051946.html [5] https://github.com/valarauco/poolmon