Hi, I would like to have two seperate imap listeners, with different authentication settings, but the mailstore and userbase etc will be identical. I know I can do this:> service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imap2 { > port = 144 > } > }But I'm unsure how to configure imap/143 with "driver = ldap" and imap2/144 with "driver = pam" Just to explain why i would like this: I am using pam-script-saml (https://github.com/ck-ws/pam-script-saml) to enable saml-based access to dovecot. I would like to have one listener 144 to only serve this saml authentication listener, and the regular 143 listener with driver = ldap. Is that config possible? Best regards, MJ
On 12/29/2016 09:23 PM, mj wrote:> Hi, > > I would like to have two seperate imap listeners, with different > authentication settings, but the mailstore and userbase etc will be > identical. > > I know I can do this: > >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imap2 { >> port = 144 >> } >> }For the record, I'm using dovecot 2.2.26 on debian. MJ
Hi, Does the lack of replies mean that what I'm asking is not possible? (or am I missing something SO obvious that nobody bothers to point it out..?) MJ On 12/29/2016 09:23 PM, mj wrote:> Hi, > > I would like to have two seperate imap listeners, with different > authentication settings, but the mailstore and userbase etc will be > identical. > > I know I can do this: > >> service imap-login { >> inet_listener imap { >> port = 143 >> } >> inet_listener imap2 { >> port = 144 >> } >> } > > But I'm unsure how to configure imap/143 with "driver = ldap" and > imap2/144 with "driver = pam" > > Just to explain why i would like this: > > I am using pam-script-saml (https://github.com/ck-ws/pam-script-saml) to > enable saml-based access to dovecot. I would like to have one listener > 144 to only serve this saml authentication listener, and the regular 143 > listener with driver = ldap. > > Is that config possible? > > Best regards, > MJ
It's very difficult at least. I can't instantly think any sensible way forward, but you might be able to get somewhere using %a variable. Aki> On December 31, 2016 at 11:38 AM mj <lists at merit.unu.edu> wrote: > > > Hi, > > Does the lack of replies mean that what I'm asking is not possible? > > (or am I missing something SO obvious that nobody bothers to point it > out..?) > > MJ > > On 12/29/2016 09:23 PM, mj wrote: > > Hi, > > > > I would like to have two seperate imap listeners, with different > > authentication settings, but the mailstore and userbase etc will be > > identical. > > > > I know I can do this: > > > >> service imap-login { > >> inet_listener imap { > >> port = 143 > >> } > >> inet_listener imap2 { > >> port = 144 > >> } > >> } > > > > But I'm unsure how to configure imap/143 with "driver = ldap" and > > imap2/144 with "driver = pam" > > > > Just to explain why i would like this: > > > > I am using pam-script-saml (https://github.com/ck-ws/pam-script-saml) to > > enable saml-based access to dovecot. I would like to have one listener > > 144 to only serve this saml authentication listener, and the regular 143 > > listener with driver = ldap. > > > > Is that config possible? > > > > Best regards, > > MJ
Or. maybe it is the holidays and people actually have a life? On December 31, 2016 4:38:53 AM EST, mj <lists at merit.unu.edu> wrote:>Hi, > >Does the lack of replies mean that what I'm asking is not possible? > >(or am I missing something SO obvious that nobody bothers to point it >out..?) > >MJ > >On 12/29/2016 09:23 PM, mj wrote: >> Hi, >> >> I would like to have two seperate imap listeners, with different >> authentication settings, but the mailstore and userbase etc will be >> identical. >> >> I know I can do this: >> >>> service imap-login { >>> inet_listener imap { >>> port = 143 >>> } >>> inet_listener imap2 { >>> port = 144 >>> } >>> } >> >> But I'm unsure how to configure imap/143 with "driver = ldap" and >> imap2/144 with "driver = pam" >> >> Just to explain why i would like this: >> >> I am using pam-script-saml (https://github.com/ck-ws/pam-script-saml) >to >> enable saml-based access to dovecot. I would like to have one >listener >> 144 to only serve this saml authentication listener, and the regular >143 >> listener with driver = ldap. >> >> Is that config possible? >> >> Best regards, >> MJ-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
> On 31 Dec 2016, at 11.38, mj <lists at merit.unu.edu> wrote: > > Hi, > > Does the lack of replies mean that what I'm asking is not possible? > > (or am I missing something SO obvious that nobody bothers to point it out..?) >It is difficult. what you might be able to do is to configure multiple inet_listeners and then use CoS setup with multiple passdb:s. something like: service imap-login { inet_listener imap { port = 143 } inet_listener imap2 { port = 144 } } and then in first passdb fetch configuration variables: passdb { driver = passwd-file args = username_format=port_%{lport} /etc/dovecot/extrasettings.passwd result_failure = continue result_internalfail = continue result_success = continue } passdb { ?. } and in second passdb {} you can use %{passdb:variables} that you set in the first passdb. Probably can?t set driver = %{passdb:driver} tough.. maybe with setup like this you can achieve what you want. Sami