[Dovecot] 'doveadm who' enhancement request
Brad Davidson
brandond at uoregon.edu
Thu Jun 3 03:20:59 EEST 2010
Timo,
> > Is there any chance 'doveadm who'
> > could use this to display the original connection source?
>
> If login_trusted_networks contains proxies, I think it should already
do
> that?..
Interesting. I'd tried putting the private network in
login_trusted_networks but it got stuck in a loop until the director
process ran out of file handles, so I took it back out. This is probably
a little weird in that it's proxying to itself, and also trusting the
looped connection. I guess it's running the original endpoints through
the authdb for validation, which then proxies, causes another authdb
lookup, etc?
/etc/dovecot/dovecot.conf:
director_servers = 10.142.0.162
director_mail_servers = 10.142.0.162
login_trusted_networks = 10.142.0.0/24
passdb {
driver = sql
args = /etc/dovecot/proxy-sqlite.conf
}
passdb {
driver = pam
}
userdb {
driver = passwd
}
/etc/dovecot/proxy-sqlite.conf:
driver = sqlite
connect = /dev/null
password_query = SELECT null AS password, 'Y' AS nopassword, 'Y' AS
proxy WHERE '%{lip}' NOT LIKE '10.142.0.%%' AND '%{lip}' != '%{rip}'
The verbose auth look during the loop looked like:
(lots more of the following omitted)
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: new auth connection:
pid=19120
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client in: AUTH
1 PLAIN service=imap secured lip=128.223.142.138
rip=128.223.157.45 lport=993 rport=60872 resp=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client out: OK 1
user=brandond proxy pass=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug:
sql(brandond,128.223.157.45): query: SELECT null AS password, 'Y' AS
nopassword, 'Y' AS proxy WHERE '128.223.142.138' NOT LIKE '10.142.0.%'
AND '128.223.142.138' != '128.223.157.45'
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: new auth connection:
pid=19121
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client in: AUTH
1 PLAIN service=imap secured lip=128.223.142.138
rip=128.223.157.45 lport=993 rport=60872 resp=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client out: OK 1
user=brandond proxy pass=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug:
sql(brandond,128.223.157.45): query: SELECT null AS password, 'Y' AS
nopassword, 'Y' AS proxy WHERE '128.223.142.138' NOT LIKE '10.142.0.%'
AND '128.223.142.138' != '128.223.157.45'
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client in: AUTH
1 PLAIN service=imap secured lip=128.223.142.138
rip=128.223.157.45 lport=993 rport=60872 resp=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client out: OK 1
user=brandond proxy pass=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug:
sql(brandond,128.223.157.45): query: SELECT null AS password, 'Y' AS
nopassword, 'Y' AS proxy WHERE '128.223.142.138' NOT LIKE '10.142.0.%'
AND '128.223.142.138' != '128.223.157.45'
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: new auth connection:
pid=19123
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: new auth connection:
pid=19124
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
socket(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
connect(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client in: AUTH
1 PLAIN service=imap secured lip=128.223.142.138
rip=128.223.157.45 lport=993 rport=60872 resp=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
socket(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
connect(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug: client out: OK 1
user=brandond proxy pass=<hidden>
Jun 2 13:48:58 cc-popmap7 dovecot: auth: Debug:
sql(brandond,128.223.157.45): query: SELECT null AS password, 'Y' AS
nopassword, 'Y' AS proxy WHERE '128.223.142.138' NOT LIKE '10.142.0.%'
AND '128.223.142.138' != '128.223.157.45'
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
socket(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: director: Error:
connect(/var/run/dovecot//auth-login) failed: Too many open files
Jun 2 13:48:58 cc-popmap7 dovecot: imap-login: Warning: Error sending
handshake to auth server: Broken pipe
-Brad
More information about the dovecot
mailing list