[Dovecot] Dovecot proxy question (hostname instead of ip)
Hello,
We are planning to use the Proxy feature of Dovecot, but fail to implement it currently the way we would like to.
Reason is that proxy insists to have an IP-address as host :
Feb 15 15:43:24 proxy-test.widexs.nl dovecot: pop3-login: proxy(username): mspool01-test.widexs.nl is not a valid IP
When I changed the query to force the IP-address of the above server, it works.
Would it be possible to make this work, but more important ... Are there any reasons NOT to make this work ? :))
Kind regards,
Wouter.
-- WideXS http://www.widexs.nl Wouter de Jong System-Administrator Tel +31 (0)23 5698070 Fax +31 (0)23 5698099 Bijlmermeerstraat 62, 2131 HG HOOFDDORP, NL
On Thu, 2007-02-15 at 16:14 +0100, Wouter de Jong wrote:
Feb 15 15:43:24 proxy-test.widexs.nl dovecot: pop3-login: proxy(username): mspool01-test.widexs.nl is not a valid IP .. Are there any reasons NOT to make this work ? :))
It requires DNS resolving and there's no way to do nonblocking DNS resolving with libc. Although in login processes this wouldn't matter as long as login_process_per_connection=yes. Then again in proxying use that setting is often set to "no"..
Nonblocking DNS resolving could be done with an external library, or I could of course implement my own. But since proxy is the pretty much the only place where this currently could be useful, I haven't really bothered to do either of those.
Or I could simply implement the blocking DNS resolving and you'll just have to make sure that your DNS servers are always responding and doing it fast enough not to cause problems.
Le Thu, 15 Feb 2007 18:45:33 +0200 Timo Sirainen tss@iki.fi écrit:
Or I could simply implement the blocking DNS resolving and you'll just have to make sure that your DNS servers are always responding and doing it fast enough not to cause problems.
Or another solution would be to implement the blocking DNS resolving AND a small cache. I think in most case there are only a few hostname in the proxy table. So the cache can be very small (less than 10 ?).
I guess this solution will not have a noticeable performance impact and can help in some (many ?) case. For example, I have a database with 1.5 millions entries. If I need to change the IP address of the destination POP3/IMAP servers, I have to update all the entries in my database. This large update can be saved by just updating the DNS entry...
-- Laurent Papier - 03 88 75 80 50 Admin. système - SdV Plurimedia - http://www.sdv.fr/
On Thu, Feb 15, 2007 at 06:45:33PM +0200, Timo Sirainen wrote:
It requires DNS resolving and there's no way to do nonblocking DNS resolving with libc. Although in login processes this wouldn't matter as long as login_process_per_connection=yes. Then again in proxying use that setting is often set to "no"..
I've set it to yes for the moment, since it's not a live situation yet I can't really tell if the system can handle it or not so I play 'secure' for now :)
Nonblocking DNS resolving could be done with an external library, or I could of course implement my own. But since proxy is the pretty much the only place where this currently could be useful, I haven't really bothered to do either of those.
This would be very cool... but I think a bit too much to be asked from you at the moment :)
Or I could simply implement the blocking DNS resolving and you'll just have to make sure that your DNS servers are always responding and doing it fast enough not to cause problems.
Make it configurable ? --with-proxy-resolving or so ... or better yet, a .conf option. This way ppl can make their own choices :)
I've overcome our 'problem' by doing a JOIN with a hostname->ip table in MySQL. Not very nice, but with query-caching & auth-cache it should be workable.
-- WideXS http://www.widexs.nl Wouter de Jong System-Administrator Tel +31 (0)23 5698070 Fax +31 (0)23 5698099 Bijlmermeerstraat 62, 2131 HG HOOFDDORP, NL
participants (3)
-
Laurent Papier
-
Timo Sirainen
-
Wouter de Jong