[Dovecot] Dovecot as a smart IMAP proxy
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
On 2006-02-23 18:24:31 +0200, Timo Sirainen wrote:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
err at least the virus scanning stuff should be handled in the MTA. In general i dont like any proxies that modify content for me. there are too many ways to get things wrong.
but i like the idea of writing a basic imap client. ;) you could use that for a testsuite. :p *runs*
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
load balancing proxy sounds more useful yeah.
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
hmm i have heard about signing proxies at the MTA layer where the mta signs every mail of a user with a special signing only mail. i dont see how dovecot should be able to decrypt mails unless the passphrase of the private key and the password are the same. but that would mean storing the password during the session in memory. hmm i dont like that idea much. do you have more details on the general design they have in mind?
just my 2 cents
darix
-- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
On Thu, 2006-02-23 at 17:33 +0100, Marcus Rueckert wrote:
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
hmm i have heard about signing proxies at the MTA layer where the mta signs every mail of a user with a special signing only mail. i dont see how dovecot should be able to decrypt mails unless the passphrase of the private key and the password are the same. but that would mean storing the password during the session in memory. hmm i dont like that idea much. do you have more details on the general design they have in mind?
Dovecot wouldn't here do any of the encryption/decryption. Instead it would just talk to some external process which does it, knows the keys, etc. So there would probably be plugins for the Dovecot proxy which actually hook into the mail input/output handlers, or maybe the proxy itself would be able to execute binaries or talk to some UNIX socket.
On 2006-02-23 18:38:08 +0200, Timo Sirainen wrote:
Dovecot wouldn't here do any of the encryption/decryption. Instead it would just talk to some external process which does it, knows the keys, etc. So there would probably be plugins for the Dovecot proxy which actually hook into the mail input/output handlers, or maybe the proxy itself would be able to execute binaries or talk to some UNIX socket.
yeah but decryption with private keys without a passphrase? that sounds stupid.
darix
-- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
Marcus Rueckert wrote:
err at least the virus scanning stuff should be handled in the MTA. In general i dont like any proxies that modify content for me. there are too many ways to get things wrong.
I agree, mostly, but there is the interesting case where a new worm or spammed trojan gets past the MTA virus-scanner because detection hasn't yet been added. In this case, it might be useful to scan the message when it's being read, which may be sufficiently later for virus-scanners to have caught up (though of course, your desktop AV should also do the job if it's updated frequently enough). The same probably also applies to spam-filtering when relying on things like DNS block-lists.
Chris
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
Le Thu, 23 Feb 2006 17:33:23 +0100 Marcus Rueckert <rueckert@informatik.uni-rostock.de> écrit:
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
load balancing proxy sounds more useful yeah.
I agree, a load-balancing proxy (like perdition) would be much more useful.
-- Laurent Papier - 03 88 75 80 50 Admin. système - Sdv Plurimedia - <http://www.sdv.fr/>
On Fri, 2006-02-24 at 09:32 +0100, Laurent Papier wrote:
Le Thu, 23 Feb 2006 17:33:23 +0100 Marcus Rueckert <rueckert@informatik.uni-rostock.de> écrit:
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
load balancing proxy sounds more useful yeah.
I agree, a load-balancing proxy (like perdition) would be much more useful.
Doesn't Dovecot's proxying feature already do that?
Le Fri, 24 Feb 2006 11:09:48 +0200 Timo Sirainen <tss@iki.fi> écrit:
I agree, a load-balancing proxy (like perdition) would be much more useful.
Doesn't Dovecot's proxying feature already do that?
You are right. I must admit that I have not read the documentation for a long time.
Sorry for the noise.
-- Laurent Papier - 03 88 75 80 50 Admin. système - Sdv Plurimedia - <http://www.sdv.fr/>
Timo Sirainen wrote:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Sounds interesting, but I'm MUCH more interested in full Shared Maildir support (complete with the ability to modify folder ACLs via normal IMAP clients like "Thunderbird)...
--
Best regards,
Charles
On Thu, 2006-02-23 at 11:37 -0500, Charles Marcus wrote:
Timo Sirainen wrote:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Sounds interesting, but I'm MUCH more interested in full Shared Maildir support (complete with the ability to modify folder ACLs via normal IMAP clients like "Thunderbird)...
Well, unless you're interested enough to pay for me to do it, then it doesn't have anything to do with this thread.
Some kind of ACL support is however going into CVS soon, but it's missing IMAP ACL commands and shared mailbox handling. So it's basically just about restricting access to mailboxes that you can already make Dovecot see. And sure I'd like to see those features too, but I don't have all that much free time.
Hi, a nice feature is that dovecot can archive mails in condensed form like a folder INBOX.archive ???
On Thu, 2006-02-23 at 18:24 +0200, Timo Sirainen wrote:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
Hm, maybe you should look at perdition ( http://freshmeat.net/projects/perdition/ ) which may already have all the features you want... :)
On Fri, 24 Feb 2006 10:19:22 +0100, Dominik Saar <dominik.saar@1und1.de> wrote:
Hi, a nice feature is that dovecot can archive mails in condensed form like a folder INBOX.archive ???
On Thu, 2006-02-23 at 18:24 +0200, Timo Sirainen wrote:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
(sorry for the late response to this thread)
I would like to see hooks in the proxy that would allow somebody to build security features such as:
- per user concurrent connection limits
- per IP concurrent connection limits
- per user login rate limits
- per IP login rate limits
- IP access restrictions per user (looks like this is already possible)
- IP lockouts for brute force password crack attempts
The proxy is the right place for these features for us, but smaller sites might need these features in the main IMAP server.
Bill
On Thursday, February 23, 2006 11:24, Timo Sirainen said:
Do you see a use for an IMAP proxy where the proxy would be able to execute hooks which modify mail contents, such as transparent encrypting/decrypting mails, or maybe some virus-filtering? It would need at least some kind of IMAP command/reply parsing capabilities, so it might be able to do all kinds of other things.
Maybe one potential use case would be Cyrus Murder-like proxying to multiple IMAP servers to distribute the mailboxes. But that might be done better as an imap process plugin, or maybe as IMAP mail storage backend.
Anyway, the reason I'm asking this is because I was asked to add mail encryption/decryption capabilities to Dovecot's IMAP proxy, but I'm not sure what would be the best way to handle this. In any case it would be a plugin or a new binary which is executed instead of imap binary, but can I do it in a way that would actually be useful for Dovecot project in general?
On Mon, 2006-03-06 at 10:09 -0500, Bill Boebel wrote:
(sorry for the late response to this thread)
I would like to see hooks in the proxy that would allow somebody to build security features such as:
- per user concurrent connection limits
- per IP concurrent connection limits
- per user login rate limits
- per IP login rate limits
- IP access restrictions per user (looks like this is already possible)
- IP lockouts for brute force password crack attempts
The proxy is the right place for these features for us, but smaller sites might need these features in the main IMAP server.
I think dovecot-auth would be a good place to put all those restrictions. That would work with and without proxy. Since there can be multiple dovecot-auth processes, these would probably have to be kept in memory by yet another process which communicates with dovecot-auth processes. Or maybe master process could do it, hmm.
On Monday, March 6, 2006 15:43, Timo Sirainen said:
- per user concurrent connection limits
- per IP concurrent connection limits
- per user login rate limits
- per IP login rate limits
- IP access restrictions per user (looks like this is already possible)
- IP lockouts for brute force password crack attempts
I think dovecot-auth would be a good place to put all those restrictions. That would work with and without proxy. Since there can be multiple dovecot-auth processes, these would probably have to be kept in memory by yet another process which communicates with dovecot-auth processes. Or maybe master process could do it, hmm.
dovecot-auth might be able to make calls to Postfix's anvil server to track all of this data. Anvil serves a similar purpose for Postfix (and does a great job) and was designed so that it can be reused by other apps...
http://www.postfix.org/anvil.8.html
Bill
participants (8)
-
Bill Boebel
-
Charles Marcus
-
Chris Wakelin
-
Dominik Saar
-
Gaël STEPHAN
-
Laurent Papier
-
Marcus Rueckert
-
Timo Sirainen