Directors and LMTP: mailAlternateAddress of same user
Good evening everyone,
I'd like to paste a problem I have experienced over the last days with a mail cluster system based on three dovecot servers and two directors in front of them. The Directors are proxying the auth requests to the dovecot servers below (LDAP). The protocols I use are imap/managesieve/lmtp. The setup works as intended, except for one detail. There are a lot of users that happen to have mailAlternateAddress attributes with different e-mail addresses. The problem is that when a mail arrives at the lmtp of the directors, and the recipient is one of the mailAlternateAddresses the same user has, director/lmtp doesn't recognise the real user of that e-mail address, and routes the e-mail to a different dovecot server than the one the real user is logged in to, resulting in a corrupted .index.cache file.
I've searched around for a solution to this, and figured out that a special userdb {} section in the protocol lmtp {} section, with driver = ldap etc. etc., so that I'd be able to "show" the correct user to the lmtp, might work, but strangely that userdb {} setting looks like it is being ignored by lmtp.
Do any of you have an idea how I will be able to solve that issue? Because I get thousands of corrupted .index.cache files every day....
Thank you very much in advance,
Ioannis
Dear Ioannis,
> I've searched around for a solution to this, and figured out that a special userdb {} section in the protocol lmtp {} section, with driver = ldap etc. etc., so that I'd be able to "show" the correct user to the lmtp, might work, but strangely that userdb {} setting looks like it is being ignored by lmtp.
A very similar issue was discussed on IRC last Friday. userdb is indeed ignored on the director, as the different processes are going through the special "director-userdb", which has nothing to do with the userdb you have defined... The documentation (https://doc.dovecot.org/configuration_manual/authentication/user_databases_u...) was updated to make it cleaner.
The solution is to use passdb instead. Use basically the same configuration as the one you have for userdb but for passdb. For the ldap configuration itself replace user_* by pass_*.
I hope that helps, Vincent
On 26/10/2020 8:54 AM, Vincent Brillault wrote:
> Dear Ioannis,
>> I've searched around for a solution to this, and figured out that a special userdb {} section in the protocol lmtp {} section, with driver = ldap etc. etc., so that I'd be able to "show" the correct user to the lmtp, might work, but strangely that userdb {} setting looks like it is being ignored by lmtp.
> A very similar issue was discussed on IRC last Friday. userdb is indeed ignored on the director, as the different processes are going through the special "director-userdb", which has nothing to do with the userdb you have defined... The documentation (https://doc.dovecot.org/configuration_manual/authentication/user_databases_u...) was updated to make it cleaner.
> The solution is to use passdb instead. Use basically the same configuration as the one you have for userdb but for passdb. For the ldap configuration itself replace user_* by pass_*.
Dear Vincent hi,
Thank you very much for your response. I'd already tried the passdb {} section, but I'd missed replacing the user_* attributes in the ldap .ext file. Index corruptions are gone now!
Cheers
Ioannis
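
The change discussed in this thread, sketched as an added example that is not taken from either poster's configuration: the director resolves the LMTP recipient through a passdb, and the LDAP .ext file uses pass_* keys in place of user_* keys. The file path, LDAP host, base DN, the use of the `mail` attribute as the canonical username and the global placement of the passdb block are assumptions.

```conf
# --- dovecot.conf on the director (sketch, assumed layout) ---

# Did not work: per the thread, userdb lookups are ignored on the director.
#protocol lmtp {
#  userdb {
#    driver = ldap
#    args = /etc/dovecot/dovecot-ldap-director.conf.ext
#  }
#}

# Works: the same LDAP lookup, configured as a passdb.
passdb {
  driver = ldap
  # assumed path
  args = /etc/dovecot/dovecot-ldap-director.conf.ext
}

# --- /etc/dovecot/dovecot-ldap-director.conf.ext (assumed path) ---

# placeholders for the site's LDAP server and search base
hosts = ldap.example.org
base = ou=people,dc=example,dc=org

# Before: userdb-style keys, which a passdb lookup does not read.
#user_filter = (|(mail=%u)(mailAlternateAddress=%u))
#user_attrs = mail=user

# After: match the recipient on the primary or any alternate address,
# then return the primary address as the username, so that every alias
# of one account is routed under the same user. proxy=y and nopassword=y
# are the extra fields a director passdb normally returns; the backend
# still performs the real authentication for IMAP/managesieve logins.
pass_filter = (|(mail=%u)(mailAlternateAddress=%u))
pass_attrs = mail=user, =proxy=y, =nopassword=y
```

Running `doveadm auth lookup <alternate address>` on the director should then show the primary username in the `user` field if the mapping is in effect.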
participants (2): Paterakis E. Ioannis, Vincent Brillault