On 07/12/2020 23:22, John Fawcett wrote:
On 07/12/2020 23:09, Adi Pircalabu wrote:
On 07/12/2020 06:02, Adi Pircalabu wrote:
Hi,
I have a Dovecot proxy setup with several proxy machines (currently running 2.3.11.3) in front of the real Dovecot servers (2.3.10.1) storing the mailboxes. "doveconf -a | egrep lip" returns: login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>
In the real server maillog I'm expecting to have "lip" replaced with the IP address of the proxy. It works as expected for imap-login processes, however for pop3-login processes I still see the real server IP instead of the proxy IP. Ideas?
Regards,
Hi Adi
in general people want to get the original ip not the proxied ip. The proxying of the original ip is done by a different method for imap and pop3
https://wiki.dovecot.org/Design/ParameterForwarding
However, unless I'm reading this wrongly, both methods are affected by trusted_networks settings. I guess for people to help further, you'd need to give more info your configuration settings. Thanks John. login_trusted_networks, if this is the setting you're referring to, lists the proxy IPs. I'd have thought, by having this setting on the real servers, the proxy IP will be logged by both IMAP and POP3 login processes, but it appears it isn't the case. It works for IMAP, not for POP3. The reason I need the proxy IP in the "lip" instead of the local IP in
On 08-12-2020 3:13, John Fawcett wrote: the real server mail log is that I need to filter certain connections, both IMAP and POP3, that are coming directly into the real server IP. By capturing the IMAP & POP3 traffic on the real servers and matching the results to the mail log entries I *should* be able to tell what mail accounts from which remote IP addresses are coming in via the proxies and which ones are coming into the real servers directly. Hope that makes sense. Cheers,
The way I read it is that by specifing login_trusted_networks the proxy ip can be overwritten by the real ip. I think that's the opposite of what you need.
I can't throw any light on why that is not working for imap but is working for pop3. But as you don't want the overwriting, maybe you should try without login_trusted_networks.
John
You're probably not getting the real ip logged for imap despite having login_trusted_networks due to the default for imap_id_retain on the proxies.
John