[Dovecot] Plugin hooks in login process

Simone Lazzaris s.lazzaris at interactive.eu
Mon Oct 15 16:13:45 EEST 2012 

Hi all;
I've setup dovecot (2.1.10) in a cluster configuration. We have two servers 
acting as frontend which authenticates users and proxy them to other two 
servers which handles the "real" work.

Users credentials are on a mysql cluster; we have one master, in which 
read/write queries are processed, and many replicated slave, which process 
read-only queries.

The frontend servers reads users credentials from the read-only mysql slaves. 
I'd like to execute a query once the client is verified to update the last 
login data.

Right now, that query is executed on the backend servers, via a post-login 
service:

protocols = imap
service imap-postlogin {
  executable = script-login /usr/local/etc/dovecot/postlogin.sh
  unix_listener imap-postlogin {
    group = vchkpw
    mode = 0600
    user = vpopmail
  }
}
service imap {
  executable = imap imap-postlogin
  process_limit = 2048
}


Problem is, if I execute the update on the backend, I miss the information 
regarding the original IP, as I only see the IP of the proxies.

I haven't been able to launch the postlogin service on the frontend, so I 
figured that I can try to write a plugin - that also seems to me the cleanest 
solution. 

Looking in the dovecot source code, I noticed that there aren't any hooks in 
the execution path used by the proxies; I am missing something ? I am the only 
one missing the presence of this hooks in the auth/proxy process ?

I've also thought of a workaround for this problem. One way is to monitor the 
dovecot logs on the frontend and execute the update asyncronously. One other 
way is to query directly the main mysql server of the cluster and adjust the 
query making it call a stored procedure that updates the information in case 
of successful login.
But I'd really prefer to create a plugin, that I'd be willing to share.

I attach the configuration of the servers (front and back) generated via 
postfix -n.

Thanks in advance for any help.


-- 
Simone Lazzaris | Responsabile aree datacenter e VoIP Interactive Network srl 
| via Roggia Vignola 9, 24047 Treviglio (BG) Tel. 0363 1970352 | Fax 
0363.1971971 | www.interactive.eu 

-------------- next part --------------
# 2.1.10: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-686-bigmem i686 Debian 6.0.2 
auth_debug = yes
auth_verbose = yes
auth_verbose_passwords = plain
base_dir = /var/run/dovecot/
default_login_user = nobody
director_doveadm_port = 9091
director_mail_servers = AAA.BBB.CCC.DDD EEE.FFF.GGG.HHH
director_servers = XXX.YYY.ZZZ.WWW
disable_plaintext_auth = no
listen = *
log_path = /var/log/dovecot
passdb {
  args = /usr/local/etc/dovecot/sql.conf
  driver = sql
}
protocols = imap
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  executable = imap-login director
  service_count = 0
}
ssl_cert = </usr/local/etc/dovecot/imapd.pem
ssl_key = </usr/local/etc/dovecot/imapd.pem
userdb {
  driver = prefetch
}
-------------- next part --------------
# 2.0.13: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-686-bigmem i686 Debian 6.0.2 
auth_verbose = yes
auth_verbose_passwords = plain
base_dir = /var/run/dovecot/
default_login_user = nobody
disable_plaintext_auth = no
listen = *
log_path = /var/log/dovecot
mail_gid = 2109
mail_location = maildir:~/Maildir:INDEX=/var/indexes/%1d/%d/%1n/%n:INBOX=~/Maildir
mail_plugins = quota
mail_uid = 7797
namespace {
  inbox = yes
  location = 
  prefix = INBOX.
  separator = .
  type = private
}
namespace {
  hidden = yes
  list = no
  location = 
  prefix = 
  separator = .
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/sql.conf
  driver = sql
}
plugin {
  quota = maildir:User quota
}
protocols = imap
service imap-postlogin {
  executable = script-login /usr/local/etc/dovecot/postlogin.sh
  unix_listener imap-postlogin {
    group = vchkpw
    mode = 0600
    user = vpopmail
  }
}
service imap {
  executable = imap imap-postlogin
  process_limit = 2048
}
ssl_cert = </usr/local/etc/dovecot/imapd.pem
ssl_key = </usr/local/etc/dovecot/imapd.pem
userdb {
  driver = prefetch
}
protocol imap {
  mail_plugins = quota imap_quota
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://dovecot.org/pipermail/dovecot/attachments/20121015/b251e6ed/attachment-0002.bin>

More information about the dovecot mailing list