"Fossies" - the Fresh Open Source Software Archive
Member "courier-1.2.2/libs/imap/README.proxy" (20 Jan 2022, 8240 Bytes) of package /linux/misc/courier-1.2.2.tar.bz2:
As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard
) with prefixed line numbers.
Alternatively you can here view
the uninterpreted source code file.
1 Link: Chapter 1. The Courier IMAP/POP3 proxy (start)
2 Link: Requirements (next)
4 Chapter 1. The Courier IMAP/POP3 proxy
6 Table of Contents
12 Using the same configuration files on all servers
14 Alternative configurations
16 Homogenous environments
18 Heterogenous environments
20 The Courier IMAP and POP3 servers now include a built-in proxy aggregator.
21 With a proxy aggregator, the mail accounts are split between multiple,
22 independent servers, with an IMAP/POP3 server running on each individual
23 server. A separate, proxy server sits in front and accepts ordinary IMAP
24 and POP3 connections. It reads the login ID, determines which server the
25 account is located on, connects to the server, and logs in. Then, for the
26 lifetime on the login session the front-end server takes itself out of the
27 loop, and forwards all session traffic between the IMAP/POP3 client, and
28 the back-end server.
32 The Courier mail server can operate in IMAP/POP3 proxy mode only when the
33 Courier Authentication Library uses the userdb, LDAP, MySQL, or the
34 PostgreSQL authentication module. Challenge-Response (CRAM) authentication
35 will also work with the LDAP, MySQL, or the PostgreSQL authentication
36 module. Yes, CRAM authentication will work (except for userdb).
40 Follow the regular installation instructions to set up The Courier mail
41 server with the actual mail accounts. The proxy feature uses the “account
42 options” feature of the Courier Authentication Library, specifically an
43 option called “mailhost”. Account option configuration process depends on
44 the authentication module. With userdb, account options are specified by
45 the “options” userdb attribute:
47 userdb email@example.com set options=mailhost=servera.example.com
49 Instructions for setting up account options with LDAP, MySQL, or
50 PostgreSQL, may be found in the appropriate configuration file. Briefly:
52 * In authldaprc, put “LDAP_AUXOPTIONS<TAB>mailhost=mailhost”, then
53 populate the “mailhost” LDAP attribute (this may entail modifications
54 of the LDAP schema).
56 * In authmysqlrc, put
57 “MYSQL_AUXOPTIONS<TAB>CONCAT("mailhost=",mailhost)” (or modify the
58 existing MYSQL_AUXOPTIONS setting accordingly), then create a
59 “mailhost” column in the account table.
61 * In authpgsqlrc, put “PGSQL_AUXOPTIONS<TAB>'mailhost=' || mailhost” (or
62 append ",mailhost=" || mailhost to an existing setting), then create a
63 “mailhost” column in the account table.
65 The “mailhost” option for each account should be the name of the server
66 where that account is located. If possible, this should match, exactly,
67 the PROXY_HOSTNAME environment variable or the value returned by the
68 “gethostname” on the server.
70 The final step is to set “IMAP_PROXY” and/or “POP3_PROXY” to “1” in the
71 imapd and/or the pop3d configuration file, in the Courier configuration
72 file directory on the proxy server.
74 Using the same configuration files on all servers
76 It is possible to have both the proxy server, and the back-end servers
77 with the actual accounts, read the same configuration file that enables
78 proxying. Ordinarily, if the back-end server also has the proxy setting
79 turned on, it will also attempt to establish a proxy connection (to
80 itself; lather, rinse, repeat until the server runs out of sockets).
82 However, if the “mailhost” option matches the server's hostname, as
83 returned by “gethostname”, no proxying takes place. Therefore, if specific
84 attention and care is made, when setting up the server names and account
85 options, all servers can boot off the same configuration file.
87 Alternative configurations
89 If the server names are set up properly, it's possible to set things up
90 without a dedicated front-end proxy aggregator server. All mail accounts
91 are divided between a pool of servers, who are just one, big, happy
92 family. IMAP and POP3 clients can connect to any server, at random. If
93 they try to log into an account that happens to reside on the same box,
94 then everything will be ready to go. If not, the server automatically
95 opens a proxy connection to the right box, and everything will be ready to
96 go as well.
98 Homogenous environments
100 Both servers involved in a proxy connections should be running the same
101 version of the Courier IMAP/POP3 server. The proxy code included in the
102 Courier-IMAP package tarball will talk to the server from the Courier-MTA
103 package tarball that includes the same build of the IMAP daemon, and
104 vice-versa. Run “imapd --version” to determine the build of the IMAP
107 All servers MUST use the same identical imapd and pop3d configuration
108 files (with the possible exception of the proxy flag). The next section
109 explains why.
111 Heterogenous environments
113 It should generally be possible to have the The Courier IMAP/POP3 server
114 establish a proxy connection to some other third party, non-Courier, IMAP
115 or POP3 server. Of course, the Courier Authentication Library running on
116 the proxy server must have the same understanding of the account names and
117 passwords as the other IMAP/POP3 server. The main issue is the different
118 levels of protocol implementations.
120 Both the IMAP and POP3 protocols have optional features that different
121 servers may or may not implement. Some servers will implement certain
122 optional features of the IMAP or POP3 protocol; other servers will
123 implement different features parts.
125 When the IMAP/POP3 client connects to the server, the client typically
126 obtains the list of available optional features. After logging in, the
127 client will have no reason to expect that it's now talking to a different
128 server with a different set of protocol features. Therefore, it may not be
129 possible to use a Courier proxy with some other IMAP/POP3 server that
130 implements a widely different set of features. This may work with some
131 clients, that don't make use of optional features; while other clients
132 will report strange, or unpredictable errors.
134 In some cases, setting the IMAP_PROXY_FOREIGN flag, in the imapd
135 configuration file, may help. This command will send a message to the IMAP
136 client explicitly informing the client that the list of available protocol
137 features has changed; however some clients may ignore or not implement
138 this particular message. There is no equivalent POP3 command.
142 As previously mentioned the IMAP/POP3 clients may use any supported
143 authentication method, including CRAM authentication (in most cases), with
144 or without encryption, to log in. However, Courier will always use plain
145 userid/password authentication, without encryption, to establish proxy
146 connections. When using a different server, that server must be configured
147 to allow plain userid/password authentication.
149 Note that the default configuration of the UW-IMAP server requires
150 encryption, and refuses non-encrypted connections. Proxy connections are
151 presumably carried over a private network, and there is no reason to use
152 encryption. Therefore, the UW-IMAP server will have to be re-configured to
153 allow non-encrypted connections, if it's to be used with Courier in proxy
158 Visible links
159 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#proxy
160 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#requirements
161 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#requirements
162 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#configuration
163 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#idm44912407468848
164 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#idm44912407530944
165 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#idm44912407529744
166 . file:///home/mrsam/src/courier.git/courier/libs/imap/README.proxy.html#idm44912407524720