Hi all,

I'm trying to set up a Dovecot proxy that authenticates the user against two backend servers. If the login on server1 fails, server2 should be tried.

The problem: Only the first server seems to be tried, even if the login fails.

Config snippet:

  protocol imap {
    passdb {
      driver = static
      args = proxy=y nopassword=y host=oldserver1.example.com port=993 ssl=y
    }

    passdb {
      driver = static
      args = proxy=y nopassword=y host=oldserver2.example.com port=993 ssl=y
    }
  }

With this config, only accounts on oldserver1.example.com can log in. If I reverse the two passdb entries, only accounts on oldserver2.example.com can log in.

I've done the same with SQL passdb first + static passdb second. That worked as expected. Not sure what I'm doing wrong here.

Attached is the output of doveconf -n


Thanks

  Michael

Kind regards
--
Michael Goth

.webflow GmbH

Managing Director: Andreas Schrei
Wasserburger Straße 4
D - 83352 Altenmarkt a. d. Alz

Amtsgericht Traunstein HRB 18537

E-Mail:   m...@webflow.de
Tel:      +49 (0) 8621 - 99989 - 26
Fax:      +49 (0) 8621 - 99989 - 28
Web:      www.webflow.de
# 2.3.3 (dcead646b): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.3 (f018bbab)
# OS: Linux 4.15.0-36-generic x86_64 Ubuntu 18.04.1 LTS
# Hostname: proxy.example.com
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
listen = *
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
passdb {
  args = /dev/null
  driver = passwd-file
}
protocols = imap pop3 submission sieve
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/dovecot/private/wildcard.example.com.pem
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_require_crl = no
userdb {
  args = static uid=65534 gid=65534 home=/dev/null
  driver = static
}
protocol imap {
  passdb {
    args = proxy=y nopassword=y host=oldserver1.example.com port=993 ssl=y
    driver = static
    name =
  }
  passdb {
    args = proxy=y nopassword=y host=oldserver2.example.com port=993 ssl=y
    driver = static
    name =
  }
}
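
The fall-through behaviour reported in this post, as an added example that is not part of the original message and not Dovecot's code: a simplified Python model assuming Dovecot's default passdb result handling (`result_success = return-ok`, `result_failure = continue`) and that a `static` passdb with `nopassword=y` matches every user. The function names, users, passwords and the SQL table contents are constructed for illustration.

```python
# Simplified model of a passdb chain (added illustration, not Dovecot code).
# Assumed defaults: result_success=return-ok, result_failure=continue.

def static_proxy(host):
    """driver=static with nopassword=y: matches every user, checks no password."""
    def lookup(user):
        return {"proxy": "y", "host": host}
    return lookup

def table_proxy(table):
    """Models an SQL passdb: only users present in the table match."""
    def lookup(user):
        return table.get(user)          # None = user unknown -> chain continues
    return lookup

def passdb_chain(chain, user):
    """Return the extra fields of the first passdb that matches, else None."""
    for lookup in chain:
        fields = lookup(user)
        if fields is not None:
            return fields               # first success ends the chain
    return None

def proxy_login(chain, backends, user, password):
    """Pick a backend via the chain, then let that backend verify the password."""
    fields = passdb_chain(chain, user)
    if fields is None:
        return "rejected by proxy"
    host = fields["host"]
    ok = backends[host].get(user) == password
    # The backend's verdict is final: the chain is not re-entered on failure.
    return f"{host}: {'ok' if ok else 'login failed'}"

# Constructed sample accounts, one per backend.
S1, S2 = "oldserver1.example.com", "oldserver2.example.com"
BACKENDS = {S1: {"alice": "pw-a"}, S2: {"bob": "pw-b"}}

TWO_STATIC = [static_proxy(S1), static_proxy(S2)]          # config from the post
SQL_THEN_STATIC = [table_proxy({"alice": {"proxy": "y", "host": S1}}),
                   static_proxy(S2)]                        # the variant that worked

if __name__ == "__main__":
    for name, chain in (("two static", TWO_STATIC), ("sql+static", SQL_THEN_STATIC)):
        for user, pw in (("alice", "pw-a"), ("bob", "pw-b")):
            print(name, user, "->", proxy_login(chain, BACKENDS, user, pw))
```

In this model the proxy itself never verifies a password when `nopassword=y` is set, so the only credential check is the one the selected backend performs.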
