[Dovecot] Dovecot Proxy with MySQL auth

Justin Krejci jkrejci at usinternet.com
Fri Nov 28 15:33:15 EET 2008


I get the feeling not many people are using Dovecot proxy with MySQL auth.
Is there anyone who has done this before? We might end up going with
something like NGINX for the proxy instead if we cannot figure out if and
how this should work for our type of scenario but it would be nice if we
could go with fewer components.

-----Original Message-----
From: dovecot-bounces+jkrejci=usinternet.com at dovecot.org
[mailto:dovecot-bounces+jkrejci=usinternet.com at dovecot.org] On Behalf Of
Justin Krejci
Sent: Wednesday, November 26, 2008 11:57 AM
To: 'Dovecot Mailing List'
Subject: [Dovecot] Dovecot Proxy with MySQL auth

We are looking at deploying several pop/imap servers to house the mail for
15,000 or more mailbox accounts. We are contemplating on the design and are
looking at using MySQL auth (we already have a MySQL environment in place
for our user auth to live) and proxy_maybe so each server can proxy for all
the others and we just have a network load balancer distribute the incoming
connections to all of the Dovecot servers. Each server would have its own
local maildir storage for the users local to that server and all of the
authentication and target backend pop/imap server data would be stored in
the same MySQL database. The problem we are running into is the
documentation is not very clear on this type of scenario. 

 

http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy

 

At the bottom of this page it gives a query example of "SELECT NULL AS
password, ." but that does not seem to allow for us to use the proxy_maybe
if the destination server is localhost (and therefore do not proxy) it does
not seem that the above query will actually send the real password for
authentication. Is this a misunderstanding on our part or is the use of
mysql auth + proxy_maybe not feasible? Assuming the latter we surmised using
a separate instance of Dovecot on each machine to act solely as a proxy
front end (use proxy instead of proxy_maybe) then on the second instance
there is no proxy config and it listens on a separate TCP port like 80143 or
whatever.

 

Any input or suggestions would be appreciated.

 

Justin Krejci




More information about the dovecot mailing list