[Dovecot] TLS / SSL mixed w/ plaintext auth and virtual hosting

[Nathan M]

On Thu, Aug 27, 2009 at 8:55 AM, Michael Orlitzky<michael at orlitzky.com> wrote:
>> Also, some users "need" to check email with username only, so the
>> local_ip variable is used within the dovecot-sql query to lookup some
>> virtual users by  username only + match the local_ip to a table with
>> domain+ip lookup.
>
> Ok, you got me. How many users need that ability? Would anyone notice if you
> killed them?
>
> I started writing a long and involved migration plan to work around this
> requirement, but honestly, "wait for v2.0" is probably a better one.
>

We "assimilate" a lot of existing hosting customers, and in order to
successfully transfer a domain from X server to our server, if they
were logging in previously with username only, we try to accommodate
that and not require all the users to change their settings (it's a
customer service thing I guess).  Because dovecot supports a very
flexible SQL lookup function, it's easy to do by assigning the domain
in particular a static IP and pointing mail.$domain at the static IP.

On any given server, it could be between 200 and 2000 email accounts
which are logging in with username only.  So, really the "need" is
ours to not have to have all those accounts change their settings in
order to use our servers.

I think I'm OK providing SSL only for now, and offering TLS once 2.0
is stable as a solution.  It's still better than plaintext. =)

- N