similar to: IMAP proxy - can it detect parodying to itself?

Hi, I have two load-balanced dovecot servers using a single NFS mount. The version is 1.2.11. I chose this so that if one server goes down the other will take up the load, and if my load is too much for one server I just have to add more identical servers. It works, but I wish to move to SAN storage because the NFS server is exhibiting irregular performance. (I spent a lot of time with tcpdump to

Before I spend some time experimenting with what might be impossible, maybe someone can just tell me (either "how" or that it's impossible). I'd like to get perdition out of my environment (mainly to have one less moving part in my architecture). I'm looking at dovecot's built-in proxying. In my setup, I don't have dedicated front-end machines. A user can connect

Does anyone know if dovecot support regex lookups for proxy/proxy_maybe, rather than mysql/ldap etc? I've been comparing it with perdition to see which one might be better for us to do layer7 username switching. Perdition supports the ability to not have any auth/db looks, but rather just a regex file that parses the usernames as they come in and forwards to the particular machine on the

When using proxy_maybe CRAM-MD5 authentication fails when the connection is proxied. Is this expected behavior? Is proxy_maybe too simplified for this case? We're using SQL so I could rewrite the query with IFs to fake proxy_maybe and return the password as NULL and nologin as Y, but if it works that way couldn't it work with proxy_maybe? This works: password_query = \ SELECT NULL AS

We are looking at deploying several pop/imap servers to house the mail for 15,000 or more mailbox accounts. We are contemplating on the design and are looking at using MySQL auth (we already have a MySQL environment in place for our user auth to live) and proxy_maybe so each server can proxy for all the others and we just have a network load balancer distribute the incoming connections to all of

Hi all, I want to enable trace debugging for sieve. Most specifically, I want to know what sieve scripts are running, and whether they?re doing anything. I cannot get anything other than dead silence from dovecot with respect to sieve. I have tried the same as asked in this question: https://unix.stackexchange.com/questions/550618/dovecot-sieve-trace-does-not-create-a-log In my case, the

Hello. 1. I have two identically hosts 2. I have set up replication between two hosts 3. I have 'Y' AS proxy_maybe in password_query. 4. password_query returns one of this one hosts 5. I set this parameters in dovecot config: disable_plaintext_auth = yes ssl = yes auth_mechanisms = plain login for enforce use encrypted connections by client programs.

Hi all, When configuring Samba against an LDAP server, it is possible to configure an SSL connection by using "ldap ssl = on" in the smb.conf file. Is there a way of telling Samba's LDAP code to ensure that the certificate presented by the LDAP server is signed by a specific CA? Regards, Graham --

Hi all, In an attempt to get the old v2.2 Samba behaviour to work, I tried to enable the ldapsam_compat mode in passwd backend. Win2k cannot connect, username and password not accepted. The LDAP logs reveal that Samba is trying to make the following search: (&(&(uid=minfrin)(objectClass=sambaSamAccount))(objectClass=sambaAccount)) This search returns users who have both the old v2.2

Hi all, While trying to mirror a filesystem from one machine to another (for backup purposes) I get the following error: [root@samantha root]# /usr/bin/rsync -qavxzC --delete chandler:/var/ /bigdisk/backup/chandler/dev-md5-var/ root@chandler's password: rsync error: unexplained error (code 24) at main.c(1045) Does this mean anything to anybody? Regards, Graham --

I was reading "conf.d/10-director.conf" and it mentions Dovecot proxy. I've been using perdition in the past for my pop/imap proxying needs and wasn't sure if Director could also use perdition or if it only works with Dovecots proxying. Thanks!

Hi all, According to the docs at https://wiki.dovecot.org/Pigeonhole/Sieve, some extensions are not available by default. The docs tell me the sieve_plugins, sieve_extensions and/or sieve_global_extensions configs are involved, but I can find no authoritative documentation as to what the values should be. What values must I use to make ?vnd.dovecot.environment? available? Adding

Hi all I have dovecot-lda set up to run as vmail:vmail, with some sieve scripts in /var/lib/dovecot/sieve. The sieve scripts fail to be found with the following (detailed and very helpful) error message: Oct 14 16:13:33 gatekeeper dovecot[8109]: lda(minfrin at example.com)<8109><ZJ9nMo0Hh1+tHwAAKdTwig>: Error: sieve: file storage: Failed to stat sieve storage path:

Hi Folks, I spent quite some time yesterday understanding how proxy works along with the director. I came to the conclusion that proxy_maybe and director cannot be used together, but this isn?t a true incompatibility so much as caused by the way things are handled and the order they are processed in. The way proxy_maybe works is that it is processed by the auth provider once it gets the

I have this config: # BL00070 - Disable NFS service {["nfs","nfslock","netfs","portmap"]: ensure => stopped, enable => false, } user {"rpc": ensure => absent, provider => "useradd" } user {"rpcuser": ensure => absent, provider => "useradd" } file

Hello, I've just finished transiting our proxies from perdition to dovecot (2.1.7-7 Debian). Yesterday 12 messages (all within the same second) like this caught my attention: --- Apr 25 17:19:09 pp11 dovecot: auth: Warning: proxy(redacted at gol.com,xx.xx.xx.xx,<26hUEivbfQBlMrMS>): DNS lookup for mb04.dentaku.gol.com took 5.002 s --- Now this machine at that time was handling a load

Hi all, I have a legacy system that uses gnarwl to handle vacation messages, most specifically the vacation messages are stored in LDAP. We have a web based tool that allows people to update their vacation message, all they?re doing is modifying LDAP. I am trying to find out if dovecot?s vacation sieve can do the same thing. I am struggling however to find something that describes to me how

The wiki <http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy> page says this: "The connections created to the destination server can't be TLS/SSL encrypted.". Hrmm. Right now, with perdition, I'm forcing the use of STARTTLS on the internal connections. I'd just as soon get rid of perdition (to have one less moving part in my architecture), but I need the

On 23 Sep 2020, at 14:29, Marc Roos <M.Roos at f1-outsourcing.eu> wrote: > You can do whatever you like, as long as the result is this 'text' file. > I have also bash file that modifies this file for users. You can make a > 5 min cron job that detects changes in ldap and then creates the sieve > rule. I've tried the cronjob approach before, and people didn?t like

Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the user does include the domain name in the login. (IP's and