[Dovecot] Feature Request: handle mail connections of the same user from a same IP using just one mail process

[Reindl Harald]

Am 11.04.2014 17:49, schrieb morrison:
> Dovecot Wiki states that mail process (IMAP/POP3) is able to handle multiple client connections as the same time to save CPU and memory resources (client_limit > 1). Although this approach is not recommended due to latency and probably security issues, it does help increase the overall capacity of a mail server. Is it possible (or planned) to add a feature such that mail client connections of the same user from a same IP are directed to a same mail process? In most cases, such connections come from a same mail client (e.g. in Thunderbird, each mailbox is a connection). The end user (human being) can work on one mailbox at a time, the latency will be non-obvious. And since all data being processed belong to the same user, security is a non-issue.

http://wiki2.dovecot.org/LoginProcess

"High-performance mode" is already there and no, forget
the broken idea "but only the same user / ip" because
you have no clue if it is a different user coming from
the same IP until the connection does auth

* if it does auth and it was not the same you are fucked
* you can't handle the connection to a different process
* even if you can - your login data are already sent

"In most cases, such connections come from a same mail client"
that made sense 10 or 15 years ago, these days *most cases*
are mobile clients coming through carrier-grade NAT, networks
behind a NAT or public access points shared by all sort of users

so no - you have only two choices

* performance
* security

any other conclusion base don a client IP is broken

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140411/ae9366cf/attachment.sig>