[Dovecot] transparent proxy
I'm excited to see that dovecot 1.0-test series supports transparent proxy, but that excitement is muted by:
- the recommendation to avoid 1.0 at present;
- the requirement to use SQL authentication.
I guess I could ignore the first, but the second is sticky. How hard would it be to hack a different sort of proxy server cue into the authentication? Perhaps one of:
If authenticating via passwd, use a gid as an index into a server table (or perhaps have the group name be a server name),
If passwd authentication fails, try a starting the proxy to a specific other server and see if one can log in there.
Or something else.. I dunno, I'm just looking not to install a SQL server just for this.
mm
Mark E. Mallett wrote:
I'm excited to see that dovecot 1.0-test series supports transparent proxy, but that excitement is muted by:
- the recommendation to avoid 1.0 at present;
- the requirement to use SQL authentication.
I guess I could ignore the first, but the second is sticky.
Proxying feature is actually very stable and I'd say that you could use it very well in production environment.
-- Tomi Hakala
On Tue, 2005-04-26 at 18:02 -0400, Mark E. Mallett wrote:
I guess I could ignore the first, but the second is sticky. How hard would it be to hack a different sort of proxy server cue into the authentication? Perhaps one of:
If authenticating via passwd, use a gid as an index into a server table (or perhaps have the group name be a server name),
If passwd authentication fails, try a starting the proxy to a specific other server and see if one can log in there.
These sound pretty special kludges which I'd rather not implement :)
Or something else.. I dunno, I'm just looking not to install a SQL server just for this.
I think passwd-file could be modified in some way to support these. It's a bit annoying that the last field which is "mail" can now contain ':' characters.. The "flags" field is nowadays unused, so maybe something like this could be done:
....:list:key=value:key=value:...:mail=mbox\:~/mail
where "list" is in the flags field, meaning rest of the list is in new format.
Or something else.. I dunno, I'm just looking not to install a SQL server just for this.
I can certainly understand the motivation here... has there been any work to hook Dovecot up to SQLite? It gives you extensive SQL support, with no server, and very light code overheads.
I would try it myself (I feel I owe Timo something for giving us Dovecot), but I'm very busy on another project right now :/
-- Curtis Maloney cmaloney@cardgate.net
participants (4)
-
Curtis Maloney
-
Mark E. Mallett
-
Timo Sirainen
-
Tomi Hakala