search for: proxy_maybe

Hi Folks, I spent quite some time yesterday understanding how proxy works along with the director. I came to the conclusion that proxy_maybe and director cannot be used together, but this isn?t a true incompatibility so much as caused by the way things are handled and the order they are processed in. The way proxy_maybe works is that it is processed by the auth provider once it gets the response from the passdb, it checks for proxy_may...

When using proxy_maybe CRAM-MD5 authentication fails when the connection is proxied. Is this expected behavior? Is proxy_maybe too simplified for this case? We're using SQL so I could rewrite the query with IFs to fake proxy_maybe and return the password as NULL and nologin as Y, but if it works that way couldn'...

Hello. 1. I have two identically hosts 2. I have set up replication between two hosts 3. I have 'Y' AS proxy_maybe in password_query. 4. password_query returns one of this one hosts 5. I set this parameters in dovecot config: disable_plaintext_auth = yes ssl = yes auth_mechanisms = plain login for enforce use encrypted connections by client programs. When the client connects to host i...

Does anyone know if dovecot support regex lookups for proxy/proxy_maybe, rather than mysql/ldap etc? I've been comparing it with perdition to see which one might be better for us to do layer7 username switching. Perdition supports the ability to not have any auth/db looks, but rather just a regex file that parses the usernames as they come in and forwards to...

We are looking at deploying several pop/imap servers to house the mail for 15,000 or more mailbox accounts. We are contemplating on the design and are looking at using MySQL auth (we already have a MySQL environment in place for our user auth to live) and proxy_maybe so each server can proxy for all the others and we just have a network load balancer distribute the incoming connections to all of the Dovecot servers. Each server would have its own local maildir storage for the users local to that server and all of the authentication and target backend pop/imap s...

Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the u...

Hi help is preciated, PROBLEM The dovecot-ldap.conf of "proxy server A" is working when the "host" attribute is the FQDN of other server: pass_attrs = uid=user,userPassword={SSHA}password,\ =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert pass_filter = (&(objectClass=posixAccount)(uid=%u)) CASES When the "host" attribute is the "FQDN of server A" dovecot imap-login start and infinite loop which swallow all RAM, and process are showing many connections...

Hi, Using dovecot 1.1.2 on a dual-stack server, with the 'proxy_maybe' attribute to forward some clients to another server, it seems that only clients connecting with the same protocol version as the one used by address in the 'host' attribute in the password db are recognized as local. If an IPv4 address is specified as 'host', a dovecot proxy i...

Hello, ???I am trying to setup dovecot director and am receiving a lot of "Aborted login (proxy dest auth failed)" and "error proxying loops to itself" messages in the dovecot log. I don't fully understand the dovecot-ldap.conf file config? could someone please let me know if the following is correct. If so what could be causing the errors mentioned above, if not what

...have Exim using Dovecot for authentication. Dovecot, in turn, consults a custom internal server that answers Dovecot?s userdb queries. When IMAP connections arrive, for some users we want to forward those connections--without authentication--to an external IMAP server. For these users, we return ?proxy_maybe? and ?nopassword? in the authn response from our userdb server. This tells Dovecot to proxy the connection to a new server without trying to authenticate. Exim, though, doesn?t grok ?proxy_maybe?, so it just sees ?nopassword?. In response, it just skips SMTP authentication entirely. We could ad...

...9;s built-in proxying. In my setup, I don't have dedicated front-end machines. A user can connect to any server, but their mail files live on one particular machine. I'd like to transparently proxy them from whatever machine they happen to hit to their home machine. Except for the "proxy_maybe" feature advertised for dovecot 1.1, I don't see a surefire way to do this. Has anyone done it, or can anyone say for sure that it can't reasonably be done until "proxy_maybe"? Tx! -- bill-dovecot at carpenter.ORG (WJCarpenter) PGP 0x91865119 38 95 1B 69 C9 C6 3D 25...

...y=select endereco as user, password, '/var/spool/mail/%u' as userdb_home, 'maildir:/var/spool/mail/%u' as userdb_mail, 8 as userdb_uid, 12 as userdb_gid, concat('*:storage=', quota) as userdb_quota_rule, 'Trash:storage=+100M' as userdb_quota_rule2, 'Y' as proxy_maybe, '10.252.38.2' as host from emails where endereco = '%u' and ativa = '1' UNION select NULL as user, '%w' as password, NULL as userdb_home, NULL as userdb_mail, NULL as userdb_uid, NULL as userdb_gid, NULL as userdb_quota_rule, NULL as userdb_quota_rule2, 'Y...

...this for POP3 as well, although only the remote IP/port is forwarded, not local IP/port. I implemented this also for LMTP in v2.2 tree, but haven't bothered to backport that change. Both POP3 and LMTP uses XCLIENT command that is compatible to Postfix's (XCLIENT ADDR=1.2.3.4 PORT=110). 2. proxy_maybe=yes + host=host.example.com actually works now. As long as host.example.com DNS lookup returns one IP that belongs to the current server the proxying is skipped. 3. auth_proxy_self = 1.2.3.4 setting means that if proxy_maybe=yes and host=1.2.3.4 then Dovecot assumes that this is a local login and...

...ovecot: auth(default): ldap(teste2 at xxxx.com.br,10.0.2.2): result: mailMessageStore(userdb_home)=/data/services/dominios/xxxx.com.br/t/te/teste2/ mailHostAddress(host)=10.0.149.3 mailQuotaSize(userdb_quota_rule=*:bytes)=2048576000 uid(user)=teste2 at xxxx.com.br qmailGID(userdb_gid)=1033 qmailUID(proxy_maybe)=1033 Jan 22 14:02:59 mailserver--03 dovecot: auth(default): client out: OK 1 user=teste2 at xxxx.com.br Jan 22 14:02:59 mailserver--03 dovecot: auth(default): master in: REQUEST 1 3085 1 Jan 22 14:02:59 mailserver--03 dovecot: auth(default): prefetch(teste2 at xxxx.com.br,10.0.2.2)...

...5 } inet_listener submission_465 { port = 465 ssl = yes } } -- What happens instead: Dovecot is attempting to send mail to the host specified in the passdb file: root at imapproxy1:~# cat /etc/virtual/xalys.nl/passwd test:$password.:8:8::/home/test.nl/test:/bin/false:userdb_quota_rule=*:bytes=0 proxy_maybe=y host=$ipaddr How do I get Dovecot to relay mail sent to submission ports to 'submission_relay_host'? Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwards at cyberfusion.nl ? submission_relay_host -------------- next part -------------- An HTML attachment was s...

...nect from 127.0.0.1: Successful quit Dec 4 17:04:07 backend3 dovecot: auth: Debug: master in: PASS#0111#011postmaster at mailnet.local#011service=doveadm Dec 4 17:04:07 backend3 dovecot: auth-worker(5446): Debug: sql(postmaster at mailnet.local): query: SELECT username AS user, crypt AS password, proxy_maybe, host FROM users WHERE username = 'postmaster at mailnet.local' AND enabled = 1 Dec 4 17:04:07 backend3 dovecot: auth: Debug: passdb out: PASS#0111#011user=postmaster at mailnet.local#011host=192.168.100.112#011proxy Dec 4 17:04:07 backend3 dovecot: doveadm(postmaster at mailnet.local): D...

Hello Timo, In order to plan a migration, I want to setup an IMAP proxy (proxy_maybe) with a dovecot server (I'm running the old dovecot-2.1.15 but I could upgrade or use a proxy only dovecot-2.2.x server)/LDAP pass et userdb's. I'm won't be in charge of the migration itself but I think the idea will be to migrate a chunk of users each night and then let the proxy...

Hi For some application we need a master user on our IMAP servers. We use dovecot 1.1.7 in proxy mode, with proxy_maybe (some mailboxes are on the proxy itself, others are on remote servers, also running dovecot). But the proxy removes the '*master' suffix from the username when using the master user to log in on the proxy. So the base name of the user with the master password are submitted to the real serv...

hi, we are using the dovecot-rc1 version, and we are testing the director service, as there is little documentation on this service, a pair of questions.. if i'm not wrong, the proxy_maybe it's not implemented, yet? will be soon? this limitation does not allow use the same two directors servers like mail backend servers? the fairlure of one director server it's automatically detected or require manual intervention? thanks and sorry for so many questions... Xavier

...11.2.so[b7551000+140000] If no host field attribute is present in ldap (like mailHost for qmail-ldap), and we are trying to use proxy, then dovecot segfaults. If more information's needed, let me know. Also, somewhat unrelated, but maybe the wiki needs to be edited since using a template as =proxy_maybe=y works, while in wiki its kinda opposite. I don't know of specifics, but should I try using a recent release ?