[Dovecot] proxy configuration

Patrick Ben Koetter p at state-of-mind.de
Sun Jan 27 09:53:49 EET 2008 

* WJCarpenter <bill-dovecot at carpenter.ORG>:
> Before I spend some time experimenting with what might be impossible,
> maybe someone can just tell me (either "how" or that it's
> impossible).
> 
> I'd like to get perdition out of my environment (mainly to have one
> less moving part in my architecture).  I'm looking at dovecot's
> built-in proxying.  In my setup, I don't have dedicated front-end
> machines.  A user can connect to any server, but their mail files live
> on one particular machine.  I'd like to transparently proxy them from
> whatever machine they happen to hit to their home machine.
> 
> Except for the "proxy_maybe" feature advertised for dovecot 1.1, I
> don't see a surefire way to do this.  Has anyone done it, or can
> anyone say for sure that it can't reasonably be done until
> "proxy_maybe"?

We have a Dovecot proxy serving 25.000 POP/IMAP users. On the backend side
there are 5 servers waiting to serve 1/5 of the userbase.

I've written a small LDAP schmema and put the logic, which user resides on
which machine, in LDAP. The proxy queries LDAP and LDAP tells where to open a
backend connection to.

All this has been done using the stock configuration examples from the wiki
<http://wiki.dovecot.org/HowTo/ImapProxy>. We went for the "master password"
configuration where the proxy handles the complete session so clients would
always talk to the same host and TLS certificates would therefore always would
remain valid. 
<http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy> describes the
master password setup, but it looks different. I think I used the older
version
<http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy?action=recall&rev=1>
to do the configuration back then.

Lessons learned?
It works and it worked immediately. Store backend host information as IP
address and not as host name.

p at rick

-- 
state of mind
Agentur für Kommunikation, Design und Softwareentwicklung

Patrick Koetter            Tel: 089 45227227
Echinger Strasse 3         Fax: 089 45227226
85386 Eching               Web: http://www.state-of-mind.de

Amtsgericht München        Partnerschaftsregister PR 563

More information about the dovecot mailing list