Possible architecture ?
Hi,
I'd like to achieve the following setup whit dovecot using multiple servers : passwords.
- one server dedicated to all client IMAP (TLS) connections (i http://mail.numeezy.commap.mymaindomain.com, see below )
- each backend server has it's own local storage. no replication
- each backend server responsible of a few domains
- each backend server has it's own Mysql local database for user's
===> Server 1 :
domains A, B and C
====> i http://mail.numeezy.commap.mymaindomain.com ===> Server 2 : domains D, E and F (143 TLS / 993 SSL) ===> Server 3 : domains G, H
For example, if a user connects from domain E to i http://mail.numeezy.com map.mymaindomain.com, will Dovecot be able to use password database hosted on Server 2 ?
Thank you !
Alex
Hi,
I've got no answer.. Can someone please help ?
Thank you.
Alex
Le mar. 18 sept. 2018 à 22:55, Alexandre Ellert ellertalexandre@gmail.com a écrit :
Hi,
I'd like to achieve the following setup whit dovecot using multiple servers : passwords.
- one server dedicated to all client IMAP (TLS) connections (i http://mail.numeezy.commap.mymaindomain.com, see below )
- each backend server has it's own local storage. no replication
- each backend server responsible of a few domains
- each backend server has it's own Mysql local database for user's
===> Server 1 :
domains A, B and C
====> i http://mail.numeezy.commap.mymaindomain.com ===> Server 2 : domains D, E and F (143 TLS / 993 SSL) ===> Server 3 : domains G, H
For example, if a user connects from domain E to i http://mail.numeezy.commap.mymaindomain.com, will Dovecot be able to use password database hosted on Server 2 ?
Thank you !
Alex
Hey Alexandre,
You can achieve your idea setting a MySQL instance, for example, in each
one of your servers and also a Dovecot instance in each of them. Then you
can set your imap.mymaindomain.com
server to be a imap-frontend that
performs a pre-auth step in the correct MySQL and then forwards the request
to the right Dovecot instance that performs the auth again.
Something like this:
- Request arrives in
imap.mymaindomain.com
- Check if you host the informed domain
- Check then user domain, for example foo@A.com
- Validate user credentials in MySQL.A
- Forward the request to Dovecot.A
Regards,
João Paulo Bastos DevOps Engineer at MAV Tecnologia Belo Horizonte - Brazil +55 31 99279-7092 @joaopaulosr at OFTC/Freenode
On Wed, Oct 3, 2018 at 10:42 AM Alexandre Ellert ellertalexandre@gmail.com wrote:
Hi,
I've got no answer.. Can someone please help ?
Thank you.
Alex
Le mar. 18 sept. 2018 à 22:55, Alexandre Ellert ellertalexandre@gmail.com a écrit :
Hi,
I'd like to achieve the following setup whit dovecot using multiple servers : passwords.
- one server dedicated to all client IMAP (TLS) connections (i http://mail.numeezy.commap.mymaindomain.com, see below )
- each backend server has it's own local storage. no replication
- each backend server responsible of a few domains
- each backend server has it's own Mysql local database for user's
===> Server 1 :
domains A, B and C
====> i http://mail.numeezy.commap.mymaindomain.com ===> Server 2 : domains D, E and F (143 TLS / 993 SSL) ===> Server 3 : domains G, H
For example, if a user connects from domain E to i http://mail.numeezy.commap.mymaindomain.com, will Dovecot be able to use password database hosted on Server 2 ?
Thank you !
Alex
Hi,
we have running a similar setup for some years now (IMAP + POP3).
- frontend imap+pop3 proxy (imap.mydomain.com)
- multiple backend servers
- each backend is responsible for a few domains (ex. domains beginning with a-f, g-l, and so on)
Database setup:
- 3 MySql Servers in a Master/Slave configuration:
- 1 Master, where user, password and proxy information are stored.
- 2 Slaves, each dovecot backend and the frontend proxy is configured to read the user configuration from the same database.
- the 2 slaves helps us to keep away the mysql select queries from our master server. But depending on your workload, perhaps one central mysql server without slaves is enough.
For proxying requests to the correct backend server see: https://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy
In our setup the frontend proxy does only check if the user exists. If yes, the request will be forwarded to the correct backend and "real" authentication will be performed there.
Best Urban Loesch
Am 03.10.2018 um 15:42 schrieb Alexandre Ellert:
Hi,
I've got no answer.. Can someone please help ?
Thank you.
Alex
Le mar. 18 sept. 2018 à 22:55, Alexandre Ellert
mailto:ellertalexandre@gmail.com> a écrit : Hi, I'd like to achieve the following setup whit dovecot using multiple servers : - one server dedicated to all client IMAP (TLS) connections (i <http://mail.numeezy.com>map.mymaindomain.com <http://map.mymaindomain.com>, see below ) - each backend server has it's own local storage. no replication - each backend server responsible of a few domains - each backend server has it's own Mysql local database for user's passwords. ===> Server 1 : domains A, B and C ====> i <http://mail.numeezy.com>map.mymaindomain.com <http://map.mymaindomain.com> ===> Server 2 : domains D, E and F (143 TLS / 993 SSL) ===> Server 3 : domains G, H For example, if a user connects from domain E to i <http://mail.numeezy.com>map.mymaindomain.com <http://map.mymaindomain.com>, will Dovecot be able to use password database hosted on Server 2 ? Thank you ! Alex
participants (3)
-
Alexandre Ellert
-
João Paulo Sacchetto Ribeiro Bastos
-
Urban Loesch