[Dovecot] Another hint from the clue box 8-) imapc/imap proxy user mailbox server location
I'm running imapproxy as shown at
http://wiki2.dovecot.org/HowTo/ImapcProxy. In fact, that's my config
in the wiki. 8-)
It's been working, but has performance issues when the Exchange server
that's hard-coded as imapc_host=xxx.xxx.xxx.xxx doesn't happen to be
the user's home exchange server.
I'd like to point dovecot at the correct Exchange server based on an
LDAP query, and in fact, have an LDAP search that works:
DC=example,DC=com
(&(objectCategory=person)(objectClass=user)(!(userAccountcontrol:1.2.840.113556.1.4.803:=2))(sAMAccountName=username))
With the exchange server being returned in the msExchHomeServerName
property as:
/O=example/OU=INT/cn=Configuration/cn=Servers/cn=exchangeservername
I believe this should somehow end up in the userdb section, which
currently contains "driver = prefetch", but can't seem to figure out
specifically what should be there.
The only important part is "cn=exchangeservername", which is the
machine name and would need to be prepended to example.com to get the
fqdn.
Can anybody toss me a clue?
Once I get it working, I'll update the wiki.
Thanks!
Terry
On 2.3.2012, at 0.35, Terry Carmen wrote:
With the exchange server being returned in the msExchHomeServerName property as:
/O=example/OU=INT/cn=Configuration/cn=Servers/cn=exchangeservername
I believe this should somehow end up in the userdb section, which currently contains "driver = prefetch", but can't seem to figure out specifically what should be there. .. The only important part is "cn=exchangeservername", which is the machine name and would need to be prepended to example.com to get the fqdn.
Do all of the values have the same prefix? Then I guess you can do:
pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%49.100$.example.com
If the prefix differs, but all of the exchange server names have the same length, for example 10, you can also do:
pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%-10$.example.com
There's no otherwise nice way to parse this string.
----- Message from Timo Sirainen <tss@iki.fi> --------- Date: Sun, 4 Mar 2012 14:45:48 +0200 From: Timo Sirainen <tss@iki.fi> Subject: Re: [Dovecot] Another hint from the clue box 8-) imapc/imap proxy user mailbox server location To: Terry Carmen <terry@cnysupport.com> Cc: dovecot@dovecot.org
With the exchange server being returned in the msExchHomeServerName
property as:/O=example/OU=INT/cn=Configuration/cn=Servers/cn=exchangeservername
I believe this should somehow end up in the userdb section,
which currently contains "driver = prefetch", but can't seem to
figure out specifically what should be there. .. > The only important part is "cn=exchangeservername", which isOn 2.3.2012, at 0.35, Terry Carmen wrote: the machine name and would need to be prepended to example.com to
get the fqdn. Do all of the values have the same prefix? Then I guess you can do:pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%49.100$.example.comIf the prefix differs, but all of the exchange server names have
the same length, for example 10, you can also do:pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%-10$.example.com There's no otherwise nice way to parse this string.
If by prefix, you mean the
"/O=example/OU=INT/cn=Configuration/cn=Servers/" part, then, yes,
they're different.
I could export the data to a text file as username:homeexchangeserver
(or whatever other format is needed).
homeservers.txt: user1:exch1.example.com user2:exch1.example.com user3:exch1.example.com user4:exch2.example.com
Is it possible to do a lookup in a text file to get this?
Terry
On 4.3.2012, at 16.48, Terry Carmen wrote:
pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%49.100$.example.comIf the prefix differs, but all of the exchange server names have the same length, for example 10, you can also do:
pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%-10$.example.com There's no otherwise nice way to parse this string.If by prefix, you mean the "/O=example/OU=INT/cn=Configuration/cn=Servers/" part, then, yes, they're different.
OK, so if the prefix or suffix isn't always the same length you can't do the above.
I could export the data to a text file as username:homeexchangeserver (or whatever other format is needed).
homeservers.txt: user1:exch1.example.com user2:exch1.example.com user3:exch1.example.com user4:exch2.example.com
Is it possible to do a lookup in a text file to get this?
If you can use userdb passwd-file and export the data to that file, it'll work. http://wiki2.dovecot.org/AuthDatabase/PasswdFile
Example line:
user1::1000:1000::/home/user::userdb_imapc_host=exch1.example.com
Note that you can't then return any userdb fields from passdb ldap lookup.
On 03/04/2012 09:58 AM, Timo Sirainen wrote:
On 4.3.2012, at 16.48, Terry Carmen wrote:
pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%49.100$.example.comIf the prefix differs, but all of the exchange server names have
the same length, for example 10, you can also do:pass_attrs = ...,
msExchHomeServerName=userdb_imapc_host=%-10$.example.com There's no otherwise nice way to parse this string.If by prefix, you mean the
"/O=example/OU=INT/cn=Configuration/cn=Servers/" part, then, yes,
they're different.OK, so if the prefix or suffix isn't always the same length you
can't do the above.I could export the data to a text file as
username:homeexchangeserver (or whatever other format is needed).homeservers.txt: user1:exch1.example.com user2:exch1.example.com user3:exch1.example.com user4:exch2.example.com
Is it possible to do a lookup in a text file to get this?
If you can use userdb passwd-file and export the data to that file,
it'll work. http://wiki2.dovecot.org/AuthDatabase/PasswdFileExample line:
user1::1000:1000::/home/user::userdb_imapc_host=exch1.example.com
Note that you can't then return any userdb fields from passdb ldap lookup.
That doesn't seem to work because I can't create the passdb file
containing the user's password, since they're only known to the remote
IMAP server that I want imapproxy to connect to.
What would be perfect is if I could do something like this:
////////////////////////////
http://wiki.dovecot.org/HowTo/ImapProxy#IMAP_and_POP3_session_proxying Proxy only server
. . .
In this document I assume that Dovecot is installed under
/opt/dovecot, by default it is installed under /usr/local when
compiling from source. Examples in this document are for MySQL but
configs do not differ much with PostgreSQL.
SQL table structure
Create SQL table like
CREATE TABLE proxy ( user varchar(255) NOT NULL, host varchar(16) default NULL, destuser varchar(255) default NULL, PRIMARY KEY (user) );
//////////////////////////////////////
All I really need is a way to lookup the user's home IMAP server when
given the username, as above.
Does imapproxy still support this 1.x feature?
Thanks!
Terry
On 12.3.2012, at 20.57, Terry Carmen wrote:
If you can use userdb passwd-file and export the data to that file, it'll work. http://wiki2.dovecot.org/AuthDatabase/PasswdFile
Example line:
user1::1000:1000::/home/user::userdb_imapc_host=exch1.example.com
Note that you can't then return any userdb fields from passdb ldap lookup.
That doesn't seem to work because I can't create the passdb file containing the user's password, since they're only known to the remote IMAP server that I want imapproxy to connect to.
Well, you could allow users to log in with any password and then let it just fail later at imapc login, but that's a bit ugly.
You could also use passdb imap {} + userdb passwd-file {} with some extra work. The authentication would be done against the remote imap server, while the userdb_imapc_host would be looked up from the passwd-file.
What would be perfect is if I could do something like this:
////////////////////////////
http://wiki.dovecot.org/HowTo/ImapProxy#IMAP_and_POP3_session_proxying Proxy only server .. All I really need is a way to lookup the user's home IMAP server when given the username, as above.
Does imapproxy still support this 1.x feature?
This describes a regular dummy proxying setup. Sure you could still do that, but it's not imapc proxying. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
On 03/13/2012 04:06 AM, Timo Sirainen wrote:
This describes a regular dummy proxying setup. Sure you could still do that, but it's not imapc proxying. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
The above URL worked beautifully and Dovecot is now running as a proxy for a dozen older Exchange servers on a private network.
Thanks for the help!
Terry
On 13.3.2012, at 23.44, Terry Carmen wrote:
On 03/13/2012 04:06 AM, Timo Sirainen wrote:
This describes a regular dummy proxying setup. Sure you could still do that, but it's not imapc proxying. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
The above URL worked beautifully and Dovecot is now running as a proxy for a dozen older Exchange servers on a private network.
If you find out that IMAP clients still don't work nicely with Exchange (apparently they have random problems, especially with shared mailboxes/accounts), you can still put imapc proxy in front of your currently working Dovecot proxy. :)
----- Message from Timo Sirainen <tss@iki.fi> --------- Date: Wed, 14 Mar 2012 00:05:14 +0200 From: Timo Sirainen <tss@iki.fi> Reply-To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: [Dovecot] [Solved] Another hint from the clue box 8-) imapc/imap proxy user mailbox server location To: Terry Carmen <terry@cnysupport.com> Cc: dovecot@dovecot.org
On 13.3.2012, at 23.44, Terry Carmen wrote:
On 03/13/2012 04:06 AM, Timo Sirainen wrote: > This describes a
regular dummy proxying setup. Sure you could still do that, but
it's not imapc proxying.
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy The above URL worked beautifully and Dovecot is now running as a
proxy for a dozen older Exchange servers on a private network. If you find out that IMAP clients still don't work nicely with
Exchange (apparently they have random problems, especially with
shared mailboxes/accounts), you can still put imapc proxy in front
of your currently working Dovecot proxy. :) I'm going to hope everything is OK for a while, since my goal is to retire all the old Exchange servers and move all the users to dovecot/maildir within the next couple of months.
However it's always nice to know there are options. 8-)
Terry
On 2012-03-13 6:29 PM, Terry Carmen <terry@cnysupport.com> wrote:
I'm going to hope everything is OK for a while, since my goal is to retire all the old Exchange servers and move all the users to dovecot/maildir within the next couple of months.
However it's always nice to know there are options. 8-)
I'm currently looking at rolling out SOGo as part of a major reworking of their current infrastructure (will also include converting their old Courier-IMAP to dovecot 2.1.x among other things)...
SOGo, as far as I can tell, is the best truly free and open source 'exchange clone' available that works extremely well with Thunderbird+Lightning (which is what my Client uses currently, but they are very dissatisfied with using Google Calendar for Shared calendars), Outlook and Apple Apps, as well as Android, Blackberry and Apple mobile devices - and their upcoming v2 (in beta now) will not only provide native Outlook support (no plugin needed), it will also (optionally) provide a Samba4 Active Directory server in my main Client's office - all with absolutely no licenses required. Commercial support is available from Inverse, the company created by the developers to provide said support services.
I also learned something very interesting yesterday concerning SOGo and dovecot during a sales call with a SOGo rep, but I'll wait and see if Timo cares to chime in on this one... ;)
--
Best regards,
Charles
On 03/14/2012 06:58 AM, Charles Marcus wrote:
On 2012-03-13 6:29 PM, Terry Carmen <terry@cnysupport.com> wrote:
I'm going to hope everything is OK for a while, since my goal is to retire all the old Exchange servers and move all the users to dovecot/maildir within the next couple of months.
However it's always nice to know there are options. 8-)
I'm currently looking at rolling out SOGo as part of a major reworking of their current infrastructure (will also include converting their old Courier-IMAP to dovecot 2.1.x among other things)...
SOGo, as far as I can tell, is the best truly free and open source 'exchange clone' available that works extremely well with Thunderbird+Lightning (which is what my Client uses currently, but they are very dissatisfied with using Google Calendar for Shared calendars), Outlook and Apple Apps, as well as Android, Blackberry and Apple mobile devices - and their upcoming v2 (in beta now) will not only provide native Outlook support (no plugin needed), it will also (optionally) provide a Samba4 Active Directory server in my main Client's office - all with absolutely no licenses required. Commercial support is available from Inverse, the company created by the developers to provide said support services.
Looks interesting.
I have currently have horde/imp/kronolith running with postfix/dovecot/mysql on the back end and it's been working nicely with all the clients and devices except for outlook.
I'll have to take a look at sogo, because I'd really like to keep outlook for the users that want it, to cut down on support and complaints.
Thanks!
Terry
On 14/03/2012 10:58, Charles Marcus wrote:
On 2012-03-13 6:29 PM, Terry Carmen <terry@cnysupport.com> wrote:
I'm going to hope everything is OK for a while, since my goal is to retire all the old Exchange servers and move all the users to dovecot/maildir within the next couple of months.
However it's always nice to know there are options. 8-)
I'm currently looking at rolling out SOGo as part of a major reworking of their current infrastructure (will also include converting their old Courier-IMAP to dovecot 2.1.x among other things)...
SOGo, as far as I can tell, is the best truly free and open source 'exchange clone' available that works extremely well with Thunderbird+Lightning (which is what my Client uses currently, but they are very dissatisfied with using Google Calendar for Shared calendars), Outlook and Apple Apps, as well as Android, Blackberry and Apple mobile devices - and their upcoming v2 (in beta now) will not only provide native Outlook support (no plugin needed), it will also (optionally) provide a Samba4 Active Directory server in my main Client's office - all with absolutely no licenses required. Commercial support is available from Inverse, the company created by the developers to provide said support services.
I also learned something very interesting yesterday concerning SOGo and dovecot during a sales call with a SOGo rep, but I'll wait and see if Timo cares to chime in on this one... ;)
If the answer is that he will write a Z-Push/Activesync module for SOGo then I'm all ears! I have been watching SOGo for some time and the main thing I would miss is that every phone I have ever owned has largely limited/broken Funambol based sync and annoyingly working Activesync capability (I own a stream of Nokias...). It seems that although I don't like it, I need activesync support if I want my contacts/calendar on my phone... (I think I can do caldav on some of them, but not cardav on my N9)
Apart from that it's a very neat system!
Ed W
On Fri, 2012-03-16 at 15:22 +0000, Ed W wrote:
I also learned something very interesting yesterday concerning SOGo and dovecot during a sales call with a SOGo rep, but I'll wait and see if Timo cares to chime in on this one... ;)
If the answer is that he will write a Z-Push/Activesync module for SOGo then I'm all ears! I have been watching SOGo for some time and the main thing I would miss is that every phone I have ever owned has largely limited/broken Funambol based sync and annoyingly working Activesync capability (I own a stream of Nokias...). It seems that although I don't like it, I need activesync support if I want my contacts/calendar on my phone... (I think I can do caldav on some of them, but not cardav on my N9)
We're also very much wishing for SOGo Activesync, but I'm not planning on writing it myself (but maybe we'll hire someone who will). Annoyingly Microsoft has patented Activesync, so I guess it can't be legally used at least in USA without paying MS.
On 2012-03-16 11:22 AM, Ed W <lists@wildgooses.com> wrote:
If the answer is that he will write a Z-Push/Activesync module for SOGo then I'm all ears! I have been watching SOGo for some time and the main thing I would miss is that every phone I have ever owned has largely limited/broken Funambol based sync and annoyingly working Activesync capability (I own a stream of Nokias...). It seems that although I don't like it, I need activesync support if I want my contacts/calendar on my phone... (I think I can do caldav on some of them, but not cardav on my N9)
While I agree it would be nice, why not just switch to a supported phone and be done with it? ;)
When we roll out SOGo, we'll only be supporting the officially supported mobile clients (android, iphone/ipad, blackberry and windows mobile)...
--
Best regards,
Charles
On 16/03/2012 15:45, Charles Marcus wrote:
On 2012-03-16 11:22 AM, Ed W <lists@wildgooses.com> wrote:
If the answer is that he will write a Z-Push/Activesync module for SOGo then I'm all ears! I have been watching SOGo for some time and the main thing I would miss is that every phone I have ever owned has largely limited/broken Funambol based sync and annoyingly working Activesync capability (I own a stream of Nokias...). It seems that although I don't like it, I need activesync support if I want my contacts/calendar on my phone... (I think I can do caldav on some of them, but not cardav on my N9)
While I agree it would be nice, why not just switch to a supported phone and be done with it? ;)
When we roll out SOGo, we'll only be supporting the officially supported mobile clients (android, iphone/ipad, blackberry and windows mobile)...
That implies you will be using cardav/caldav on those phones? I thought Android support was quite weak for those?
I definitely don't like the idea of supporting activesync, but it seems like the only widely supported solution to pushing calendar and contacts updates to clients? Caldav gets you part of the way there, but cardav seems badly supported and there is no push support with either...
Out of curiousity, what kind of performance are you getting out of the web interface and any tricks you used to improve "perceived" performance? My quick testing gave something circa 150-200ms response times from SOGo (forget exactly now) and as a result it was perceivable and just very slightly laggy (versus a desktop mail program!!). I get slightly better perceived performance from Roundcube (which also seems more amenable to building extension plugins)
Seems a bit of a surprise that a compiled language delivers results slightly less quickly than PHP... Did you find any magic knobs to twist to get performance up there with gmail?
Cheers
Ed W
participants (4)
-
Charles Marcus
-
Ed W
-
Terry Carmen
-
Timo Sirainen