postfix sasl -> haproxy -> dovecot auth
Chris Adams
cma at cmadams.net
Fri Mar 27 13:52:25 UTC 2015
Once upon a time, Edgaras Lukoševičius <edgaras.lukosevicius at gmail.com> said:
> What I need is to make smtp authentication balanced and keep everything in backend (private network)
If you have more than one Postfix server, each one must talk to its own
private Dovecot server for auth. The Dovecot auth protocol includes a
client (Postfix) assigned ID, and Postfix uses the process ID. If you
have multiple Postfix servers talking to one Dovecot server, you'll get
ID conflicts and dropped auths.
I ended up putting a local instance of Dovecot on each Postfix server,
with no protcols configured except for auth. Not quite as HA, but I
have my monitoring system doing SMTP AUTH (never have had a problem with
the setup); you could probably have HAProxy do it as well (IIRC it can
do some basic expect-style send/receive).
--
Chris Adams <cma at cmadams.net>
More information about the dovecot
mailing list