On Mon, 2010-09-06 at 15:51 +0100, Timo Sirainen wrote:
On Mon, 2010-09-06 at 16:42 +0200, Lukas Garberg wrote:
As these additions cannot be used in the SQL query for the auth service used by postfix (as users would be able to authenticate with any password) I have defined a second auth service (auth postfix { ... }) in dovecot.conf which is slightly different; it returns the password hash instead of NULL as password and skips the proxy and nopasswd part.
That won't work. It's pretty much random how it'll behave.
This works fine on one server, but on the other one the auth services get mixed up and the service defined for postfix (missing password and proxy stuff) is used by the POP3 and IMAP services and vice versa, which breaks the proxying. I've been trying my best to find any difference between the configuration of the two machines, but without result. The configurations are simply copies of each other.
Yeah, it's not even supposed to work the way you want it to work.
So, to finally arrive at my question: Is there any way to specify which authentication service is to be used by each protocol in dovecot.conf?
With v2.0 you can just put the wanted passdbs into protocol imap/smtp {} sections. With v1.2 you can't do anything like that.
Or is the solution instead to rewrite the passdb-query to take the service into account and return 'Y' AS proxy when the service is postfix and 'N' AS proxy when the service is POP3 or IMAP as I then would be able to use only one authentication backend?
Yes, that's the only working way with v1.2. Perhaps even something like:
select ..proxy.. where '%s' != 'smtp' and ..etc.. union all select ..auth.. where '%s' = 'smtp' and ..etc..
Thank you for the quick answer!
I'll go for the upgrade to v2.0.
Regards, Lukas Garberg