> On 28/09/2020 23:46 Felipe Gasper <fel...@felipegasper.com> wrote: > > > Hi all, > > We have Exim using Dovecot for authentication. Dovecot, in turn, > consults a custom internal server that answers Dovecot’s userdb queries. > > When IMAP connections arrive, for some users we want to forward those > connections--without authentication--to an external IMAP server. For these > users, we return “proxy_maybe” and “nopassword” in the authn response from > our userdb server. This tells Dovecot to proxy the connection to a new server > without trying to authenticate. > > Exim, though, doesn’t grok “proxy_maybe”, so it just sees “nopassword”. > In response, it just skips SMTP authentication entirely. > > We could address this if our custom service could know whether the > authn is for Exim or not. Exim does send a “service=smtp” in its request to > /var/run/dovecot/auth-client, but thus far I don’t see that that’s being > passed on to the userdb server. > > Is there any way I can configure Dovecot so that our userdb server can > detect when it’s Exim doing the authentication? Alternatively we could just > authenticate on the proxy (i.e., stop sending “nopassword”), but that will > entail a new requirements for passwords to be in sync; ideally we’d like to > avoid that. > > Any insight from this group would be much appreciated. Thank you! > > cheers, > -Felipe Gasper
You can use %s to expand into protocol, which i think in this case would be 'smtp'. See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ Aki
