Possible to adjust username used to determine the proxy destination?

Andy Dills andy at xecu.net
Mon Nov 24 16:21:40 UTC 2014


I'm in a fairly standard cluster environment: shared storage, bunch of 
servers each acting as both proxies and backends. 

We do /bin/checkpassword authentication, allowing a great deal of 
flexibility...protection against brute force, billing mechanisms, but 
relevant to this issue, I have it set up to allow users to login with 
either their username (if they are in one of our default domains) or their 
email address. 

I'm realizing now that as a consequence of this, "joe" and "joe at xecu.net" 
are unique as far as dovecot is concerned. Users who login with just their 
username (and not the full email address) can get assigned to a different 
backend server than when they login with the full email address (which 
would also include LMTP deliveries). This has been happening for years, a 
few broken indexes here and there that seem to resolve themselves, so it 
hasn't been impacting the service, but I'd like to correct it properly.

Is there a way to manipulate this? For example, if I moved the  
authentication to the proxy layer (it's currently proxy=y nopassword=y), 
and set $ENV{USER} to the full email address, will director use that for 
selection instead of the user-supplied username?

I'm open to suggestions on how best to accomplish this.

Thanks,
Andy

---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---


More information about the dovecot mailing list