Possible to adjust username used to determine the proxy destination?

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Tue Nov 25 07:18:29 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 24 Nov 2014, Andy Dills wrote:

> I'm in a fairly standard cluster environment: shared storage, bunch of
> servers each acting as both proxies and backends.
>
> We do /bin/checkpassword authentication, allowing a great deal of
> flexibility...protection against brute force, billing mechanisms, but
> relevant to this issue, I have it set up to allow users to login with
> either their username (if they are in one of our default domains) or their
> email address.
>
> I'm realizing now that as a consequence of this, "joe" and "joe at xecu.net"
> are unique as far as dovecot is concerned. Users who login with just their
> username (and not the full email address) can get assigned to a different
> backend server than when they login with the full email address (which
> would also include LMTP deliveries). This has been happening for years, a
> few broken indexes here and there that seem to resolve themselves, so it
> hasn't been impacting the service, but I'd like to correct it properly.

Can return Dovecot Extra Fields as describes in:
http://wiki2.dovecot.org/AuthDatabase/CheckPassword
? userdb_user should change the username.

> Is there a way to manipulate this? For example, if I moved the
> authentication to the proxy layer (it's currently proxy=y nopassword=y),
> and set $ENV{USER} to the full email address, will director use that for
> selection instead of the user-supplied username?

Dunno

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBVHQtRXz1H7kL/d9rAQIK+Af/XxO7G4IqGMUW0vv7alg778x+hipYrz8G
lIIfHdEGhmWcniiqKdVvkA+/UhsWTfjz9ZDaVt/aYRqAXBrXvMZEjntD9cyssz6D
rxBdKyQR5bVPOSFBJPOkg/CnRznTsFt8LY4T+OEO59vljyzNXi5um1ehtgsOqYsL
5iB+oO/oBkwObewpHRQFasjoA/lV1k2kJ5YA+Jsb5/+EgF8A78ZrSbQ6XEES89YD
o9MZQUmWUVvAHn7plWd4aC3OoCmZV49Oq/q8su2x0fP4jkzIyGDOxre5CJ2uN6s6
tFb2Qo6Ns8ZKf5Zh26BV0mKpSGcfK4KOQW7hyFkdC1i4KnujMNxjoA==
=TMrx
-----END PGP SIGNATURE-----


More information about the dovecot mailing list