Discussion:
LMTP proxying
Ralf Hildebrandt
2014-09-24 11:35:36 UTC
Permalink
How exactly is LMTP proxying supposed to work?

According to the example on
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

I'm only seeing "proxy" in the password_query statements.

But LMTP never sends a password.


IMAP Proxying is working OK:

Sep 24 12:51:09 imap-login: Info: proxy(ralf.hildebrandt at charite.de): started proxying to dovecot.charite.de:993: user=<ralf.hildebrandt at charite.de>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Sep 24 12:51:13 imap-login: Info: proxy(ralf.hildebrandt at charite.de): disconnecting 127.0.0.1 (Disconnected by server): user=<ralf.hildebrandt at charite.de>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

But LMTP is logging this:

Sep 24 13:13:25 lmtp(17727): Info: Connect from 127.0.0.1
Sep 24 13:13:51 auth-worker(19603): Info: mysql(sql.posteo.local): Connected to database mailservice
Sep 24 13:14:11 lmtp(17727, ralf.hildebrandt at charite.de): Info: save: box=INBOX, uid=1, msgid=, size=304
Sep 24 13:14:11 lmtp(17727, ralf.hildebrandt at charite.de): Info: pH2yN1WnIlQ/RQAAoQzodQ: msgid=unspecified: saved mail to INBOX
Sep 24 13:14:11 dict: Info: mysql(sql.charite.de): Connected to database mailservice
Sep 24 13:14:13 lmtp(17727): Info: Disconnect from 127.0.0.1: Client quit (in reset)
Sep 24 13:15:29 master: Warning: Killed with signal 15 (by pid=25892 uid=0 code=kill)

I read that there's no "default port for LMTP", but how can I adapt
the query in such a way that the default port 24 is being used ONLY
FOR LMTP?

I'm using (snippet):

...
NULL AS password, \
'Y' AS nopassword, \
'Y' AS proxy, 'dovecot.charite.de' AS host, 'any-cert' AS 'ssl', \
...
--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstra?e 15, 81669 M?nchen

Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Ralf Hildebrandt
2014-09-24 11:52:59 UTC
Permalink
Post by Ralf Hildebrandt
How exactly is LMTP proxying supposed to work?
According to the example on
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
I'm only seeing "proxy" in the password_query statements.
Found that one, LMTP needs to use "lmtp_proxy = yes" in order to issue
passdb lookups. Wonderful.

But my next issue is that there's no "default port for LMTP", but how
can I adapt the query in such a way that the default port 24 is being
used ONLY FOR LMTP?

i.e. use the default port for POP/IMAP/POP3S/IMAPS, but use Port 24
for LMTP.
--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstra?e 15, 81669 M?nchen

Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Jogi Hofmüller
2014-09-24 12:38:18 UTC
Permalink
Hi Ralf,
Post by Ralf Hildebrandt
But my next issue is that there's no "default port for LMTP", but how
can I adapt the query in such a way that the default port 24 is being
used ONLY FOR LMTP?
We solved that by setting up a second LDAP passdb for lmtp that supplies
the following values (all in one line):

pass_attrs = uid=user,=nopassword,proxy=proxy,proxyhost=host,=port=24\
=starttls=any-cert

This way our LMTP proxy works fine.

Regards,
--
j.hofm?ller

mur.sat -- a space art project http://sat.mur.at/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140924/6ea1dfa9/attachment.sig>
Robert Schetterer
2014-09-24 12:00:22 UTC
Permalink
Post by Ralf Hildebrandt
How exactly is LMTP proxying supposed to work?
According to the example on
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
I'm only seeing "proxy" in the password_query statements.
But LMTP never sends a password.
Sep 24 12:51:09 imap-login: Info: proxy(ralf.hildebrandt at charite.de): started proxying to dovecot.charite.de:993: user=<ralf.hildebrandt at charite.de>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Sep 24 12:51:13 imap-login: Info: proxy(ralf.hildebrandt at charite.de): disconnecting 127.0.0.1 (Disconnected by server): user=<ralf.hildebrandt at charite.de>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Sep 24 13:13:25 lmtp(17727): Info: Connect from 127.0.0.1
Sep 24 13:13:51 auth-worker(19603): Info: mysql(sql.posteo.local): Connected to database mailservice
Sep 24 13:14:11 lmtp(17727, ralf.hildebrandt at charite.de): Info: save: box=INBOX, uid=1, msgid=, size=304
Sep 24 13:14:11 lmtp(17727, ralf.hildebrandt at charite.de): Info: pH2yN1WnIlQ/RQAAoQzodQ: msgid=unspecified: saved mail to INBOX
Sep 24 13:14:11 dict: Info: mysql(sql.charite.de): Connected to database mailservice
Sep 24 13:14:13 lmtp(17727): Info: Disconnect from 127.0.0.1: Client quit (in reset)
Sep 24 13:15:29 master: Warning: Killed with signal 15 (by pid=25892 uid=0 code=kill)
I read that there's no "default port for LMTP", but how can I adapt
the query in such a way that the default port 24 is being used ONLY
FOR LMTP?
...
NULL AS password, \
'Y' AS nopassword, \
'Y' AS proxy, 'dovecot.charite.de' AS host, 'any-cert' AS 'ssl', \
...
hm...perhaps

and '%s' = 'lmtp'

http://wiki2.dovecot.org/Variables

i have i.e

FROM mailbox WHERE username = '%u' AND active = '1' AND (imap_allowed =
'1' or '%Ls' = 'pop3')




Best Regards
MfG Robert Schetterer
--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstra?e 15, 81669 M?nchen

Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Loading...