Possible to adjust username used to determine the proxy destination?

Joseba Torre joseba.torre at ehu.es
Tue Nov 25 09:09:29 UTC 2014


El 24/11/14 a las 17:21, Andy Dills escribió:
> I'm in a fairly standard cluster environment: shared storage, bunch of
> servers each acting as both proxies and backends.
>
> We do /bin/checkpassword authentication, allowing a great deal of
> flexibility...protection against brute force, billing mechanisms, but
> relevant to this issue, I have it set up to allow users to login with
> either their username (if they are in one of our default domains) or their
> email address.
>
> I'm realizing now that as a consequence of this, "joe" and"joe at xecu.net"
> are unique as far as dovecot is concerned. Users who login with just their
> username (and not the full email address) can get assigned to a different
> backend server than when they login with the full email address (which
> would also include LMTP deliveries). This has been happening for years, a
> few broken indexes here and there that seem to resolve themselves, so it
> hasn't been impacting the service, but I'd like to correct it properly.
>
> Is there a way to manipulate this? For example, if I moved the
> authentication to the proxy layer (it's currently proxy=y nopassword=y),
> and set $ENV{USER} to the full email address, will director use that for
> selection instead of the user-supplied username?
>
> I'm open to suggestions on how best to accomplish this.

I had a similar problem using director. The solution was

director_username_hash = %n

but I don't know if there is a equivalent solution for proxys

HTH


More information about the dovecot mailing list