[Dovecot] proxy host specified as fqdn in userdb
Abstract from http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy
Hello Timo, Here goes one more item for the v2.0 wishlist: Will it become possible to do dovecot imap proxying based on a "host" userdb attribute that is an FQDN (instead of a numeric IP as it is now)? It would simplify things for large smtp clusters that already do LDAP mail routing, based on per user "mailHost" attribute containg mail server FQDNs (according to "IETF Internet Draft LDAP Schema for Intranet Mail Routing", http://www.sendmail.org/m4/laser.txt). It is kinda redundunt to keep an extra LDAP attribute for "host" that contains essentially the same information as "mailHost" attribute, but in numeric form.
I know the proposed change is not that important for many people, so don't really bother unless it is trivial to implement.
apap
On Tue, 2007-03-27 at 00:56 +0300, Apostolos Papayanakis wrote:
The problem with this is that it would require adding asynchronous DNS library to Dovecot, or alternatively hoping that your DNS server is never down (and hanging when it is). I don't really want to implement the latter, and adding async DNS library just for proxying which is used by very few people seems a bit bloaty.
On Tue, Mar 27, 2007 at 01:03:54AM +0300, Timo Sirainen wrote:
If we require SSL/TLS connections, are we not always "proxying" connections? if that is true, and most folks require SSL/TLS (is that not the case??), then wouldn't most folks then be used by lots of people?
--
Steven F. Siirila Office: Lind Hall, Room 130B Internet Services E-mail: sfs@umn.edu Office of Information Technology Voice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
On Tue, Mar 27, 2007 at 11:28:54PM +0300, Timo Sirainen wrote:
Of course I meant "then wouldn't most folks be proxying?"
And how many people are proxying SSL/TLS connections to different
computers?
I don't know about that, but what I'm asking is.. how many people are allowing IMAP/POP3 connections (with authentication via user/pw) over non-secure (non-SSL/TLS) connections? I wouldn't think there would be many nowadays, and that there would be less as time passes. If that assumption is true, then I would think proxying would be very common (at least within a host where the imap-login and imap processes are paired together doing SSL/TLS).
--
Steven F. Siirila Office: Lind Hall, Room 130B Internet Services E-mail: sfs@umn.edu Office of Information Technology Voice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
On Wed, Mar 28, 2007 at 01:58:34AM +0300, Timo Sirainen wrote:
My misunderstanding... That's what I get for skimming my e-mail! Sorry for the added noise. :)
--
Steven F. Siirila Office: Lind Hall, Room 130B Internet Services E-mail: sfs@umn.edu Office of Information Technology Voice: (612) 626-0244 University of Minnesota Fax: (612) 626-7593
participants (3)
-
Apostolos Papayanakis
-
Steven F Siirila
-
Timo Sirainen