On Mon, 2010-09-06 at 16:42 +0200, Lukas Garberg wrote: > As these additions cannot be used in the SQL query for the auth service > used by postfix (as users would be able to authenticate with any > password) I have defined a second auth service (auth postfix { ... }) in > dovecot.conf which is slightly different; it returns the password hash > instead of NULL as password and skips the proxy and nopasswd part.
That won't work. It's pretty much random how it'll behave. > This works fine on one server, but on the other one the auth services > get mixed up and the service defined for postfix (missing password and > proxy stuff) is used by the POP3 and IMAP services and vice versa, which > breaks the proxying. I've been trying my best to find any difference > between the configuration of the two machines, but without result. The > configurations are simply copies of each other. Yeah, it's not even supposed to work the way you want it to work. > So, to finally arrive at my question: Is there any way to specify which > authentication service is to be used by each protocol in dovecot.conf? With v2.0 you can just put the wanted passdbs into protocol imap/smtp {} sections. With v1.2 you can't do anything like that. > Or is the solution instead to rewrite the passdb-query to take the > service into account and return 'Y' AS proxy when the service is postfix > and 'N' AS proxy when the service is POP3 or IMAP as I then would be > able to use only one authentication backend? Yes, that's the only working way with v1.2. Perhaps even something like: select ..proxy.. where '%s' != 'smtp' and ..etc.. union all select ..auth.. where '%s' = 'smtp' and ..etc..