> -----Original Message----- > From: Timo Sirainen [mailto:t...@iki.fi] > .. > > password_query = SELECT null AS password, 'Y' AS nopassword, 'Y' AS > > proxy WHERE '%{lip}' NOT LIKE '10.142.0.%%' AND '%{lip}' != '%{rip}' > > This query no longer works, because both lip and rip are replaced with the > original ones from proxy..
Ah, OK. The looping was unexpected though, as it has in the past complained "Proxying loops to itself", but I guess that check fails as well due to the aforementioned lip/rip replacement. I'll stick with untrusted for now then, and just live with some extra SSL overhead and doveadmin not showing the proxied endpoint. Maybe someday if you feel like adding proxy_maybe to the director it'll work right. I know I'm trying to shoehorn the director into an infrastructure it's not really meant for. A better choice would probably be to bring a new dedicated director online in either location, and put those behind the load balancer. I wonder if they can stand up to 10k+ concurrent proxied connections though? -Brad
