[dovecot] Re: inetd/xinetd/tcpserver support

Charlie Brady charlieb-dovecot at e-smith.com
Thu Mar 20 03:30:53 EET 2003 

On 26 Feb 2003, Timo Sirainen wrote:

> I was just thinking how they could be easily supported. This would work,
> right? :
> 
> imap stream tcp nowait root /usr/sbin/tcpd /usr/local/libexec/dovecot/imap-login
> imaps stream tcp nowait root /usr/sbin/tcpd /usr/local/libexec/dovecot/imap-login --ssl
> 
> imap-login would try to connect to master process using some named
> socket. If it couldn't, it would create the master process itself.
> Master process would work as usual (executes auth and imap processes),
> except it wouldn't be executing login processes.

I have a working tcpserver system, but one using a substantially different 
process mix. I haven't used imap-login at all, but have used 
imapfront-auth from Bruce Guenter's mailfront package 
(http://www.untroubled.org/mailfront/).

Here is the run script:

#!/bin/sh

concurrency=20
ulimitdata=3000000
CVM_SASL_PLAIN=cvm-local:/tmp/.cvm-unix-local
export CVM_SASL_PLAIN
CVM_ACCOUNT_SPLIT_CHARS=
export CVM_ACCOUNT_SPLIT_CHARS

exec 2>&1
exec \
  softlimit -m $ulimitdata \
  tcpserver -dHRvX \
  -c "$concurrency" \
  -x tcp.cdb \
  0 imap \
  /usr/bin/imapfront-auth \
  /usr/local/bin/imap


And here is the IMAP session:

* OK imapfront ready.
001 capability
* CAPABILITY IMAP4rev1 
001 OK CAPABILITY completed
002 login foo xxxxx
* PREAUTH [CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND 
UNSELECT LITERAL+ IDLE CHILDREN LISTEXT LIST-SUBSCRIBED] Logged in as foo
002 capability
* CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND UNSELECT 
LITERAL+ IDLE CHILDREN LISTEXT LIST-SUBSCRIBED
002 OK Capability completed.
003 select inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags 
permitted.
* 4 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1045884314] UIDs valid
* OK [UIDNEXT 5] Predicted next UID
003 OK [READ-WRITE] Select completed.
004 create abox
004 OK Create completed.
005 select abox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags 
permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1045885867] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
005 OK [READ-WRITE] Select completed.
006 list "" % 
* LIST (\UnMarked) "." "Trash"
* LIST (\UnMarked) "." "foo"
* LIST (\UnMarked) "." "onebox"
* LIST (\UnMarked) "." "abox"
* LIST (\UnMarked) "." "INBOX"
006 OK List completed.
006 list "" ""
* LIST (\Noselect) "." ""
006 OK List completed.
007 logout
* BYE Logging out
007 OK Logout completed.

This setup can't do STARTTLS, but now that I have it working in plaintext,
I can look at adapting Scott Gifford's stunnel TLS proxy work:

http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/stunnel-tlsproxy.html 

I don't expect this to be too difficult.
 
> This wouldn't require much code changing, and it would still be using
> all the same privilege separations as the standalone version so it would
> be just a secure.

Privilege separation is a very good thing. Is there any more detailed 
documentation of how you have done yours than 
http://dovecot.procontrol.fi/doc/design.txt?

You'll see that in the setup I've detailed above I am only using the 
"imap" binary from dovecot. I'm happy with the division of labour which 
has tcpserver doing network connection control, imapfront-auth+cvm doing 
authentication and uid switching, and imap doing mailbox access and IMAp 
protocol implementation. I expect to add stunnel doing TLS to that mix 
tomorrow. 

Can you provide any reasons why I should use your imap-master, imap-auth
and imap-login proceses rather than my mix'n'match setup? I'm confident 
that my setup has the simple, secure, reliable characteristics that I 
need, whereas I don't have the same confidence in your process set - it 
seems unnecessarily complex to me.

> Only thing I'm wondering is if any of the TCP wrappers care about the
> created child processes? The master process would have to stay alive
> after the connection that created it dies.

In general they will, as they will do connection counting. This is handled 
in my setup above, as each process execs the following one: tcpserver 
forks, and the child execs "imapfront-auth", which then authenticates and 
execs "imap". 

--
Charlie

More information about the dovecot mailing list