I've made a preliminary auth policy server in Perl - and it sort of works (mostly) - but I've got some questions on "proper" implementation.
It appears the communication is HTTP based - is the intent to talk to a "proper" webserver, or is a simple dedicated daemon appropriate (which is what I made)?
Should connections be maintained, or terminated after each response (which is my current setup)?
If my implementation is correct, I may have found a bug, as I have some log entries like:
Jun 30 08:24:20 bubba dovecot: imap-login: Warning: Auth connection closed with 1 pending requests (max 31 secs, pid=10253, EOF) Jun 30 08:24:20 bubba dovecot: auth: Fatal: master: service(auth): child 31631 killed with signal 11 (core dumped)
Guidance would be appreciated.
-- Daniel