[Dovecot] Understanding Sockets

Tim Smith tim at titan21.co.uk
Fri Dec 21 10:37:55 EET 2012


Thanks Ben,

I'm using an Ubuntu Server OS (10.04) and it seems that the latest 
package they provide is 1.2.9.

Do you know if anyone has had any success getting a Dovecot 2 package on 
this Ubuntu distro and how they went about it (Not comfortable compiling 
sources at this point!!)?

Tim

On 21/12/12 00:21, Ben Morrow wrote:
> At 10PM +0000 on 20/12/12 Tim Smith wrote:
>> Just trying to consolidate my knowledge of Dovecot and I want to
>> understand various things rather than just key out lines of config in
>> dovecot.conf with the hope of it working.
>>
>> What I wanted to clarify is my understanding the "socket listen" section
>> of the config file. From my limited understanding, this section details
>> how other processes can access the userdb defined in Dovecot. The master
>> socket is used for "internal" processes which is mainly dovecot-lda so
>> that when Dovecot receives mail it knows where to deliver it and client
>> is defined for "external" processes, for example Postfix who would use
>> the info to determine if a user existed. Would you say this is a fair
>> (albeit) dumbed down!!) synopsis of sockets and their purpose?
> Your mention of 'socket listen' and 'master' auth sockets suggests you
> are using Dovecot 1.x. That description is pretty-much correct for 1.x,
> however you should upgrade to 2.x as soon as you reasonably can, since
> 1.x is no longer supported. See http://wiki2.dovecot.org/Services#auth
> for a description of the socket types available with Dovecot 2.
>
> [The statement there that 'client' sockets can safely be exposed to the
> entire world, including over inet sockets, is not entirely true. AFAIK
> there is no rate limiting, so an exposed 'client' socket is a password
> oracle and should therefore be somewhat protected. The risk is
> approximately equivalent to an unshadowed password file, with the
> encrypted passwords exposed.]
>
> Ben
>





More information about the dovecot mailing list