Re: distuguish between different domains
>> the dovecot service does not care about the server dns name. the dns >> name resolves to the IP address on the client (roundcube) and the client >> connects to the server. if the same dovecot instance listens to all / >> both IP address, client will end up on this dovecot instance and all >> valid user-password combinations are authorized. that's the way it has >> to be, otherwise virtual / mass virtual domain hosting would not be >> possible as you cannot spawn 1000 instances on the same machine (ok, in >> theory you could do that :D) > No, it's only impossible if you are using passdb or otherwise > authenticating against real users of the system. If you are using > virtual users (SQL, LDAP, etc.), you can include the domain name in the > auth lookups. > > Andreas was asking about the fqdn where the imap client is connecting to, not the user name / e-mail address. you can use localpart and domain from the email address in passdb / userdb lookups but dovecot (imap) is nothing like http where you send the a hostname of the site you're conncting to in the header.
Re: distuguish between different domains
On 09/28/2015 10:18 AM, Marco Fretz wrote: > On 28.09.2015 10:48, Andreas Meyer wrote: >> For my understanding it should not be possible to connect to server >> server.aaa.de with an address line u...@bbb.de and dovecot serves >> the mailbox of that user. > the dovecot service does not care about the server dns name. the dns > name resolves to the IP address on the client (roundcube) and the client > connects to the server. if the same dovecot instance listens to all / > both IP address, client will end up on this dovecot instance and all > valid user-password combinations are authorized. that's the way it has > to be, otherwise virtual / mass virtual domain hosting would not be > possible as you cannot spawn 1000 instances on the same machine (ok, in > theory you could do that :D) No, it's only impossible if you are using passdb or otherwise authenticating against real users of the system. If you are using virtual users (SQL, LDAP, etc.), you can include the domain name in the auth lookups. Phil
Re: distuguish between different domains
On 28.09.2015 10:48, Andreas Meyer wrote: > Hello! > > Marco Fretzschrieb am 28.09.15 um 08:29:59 Uhr: > >> Hi Andreas, >> >> I'm not 100% sure what you're trying to accomplish. >> >> smtp_server in roundcube is the outgoing server (submission server, i.e. >> postfix). Mailbox is IMAP (dovecot). >> You can easily spawn 2 instances of dovecot, one serving aaa.de and one >> serving bbb.de on different IPs. > How do I do this? http://wiki2.dovecot.org/RunningDovecot I do this by creating a 2nd startup script / systemd service you can then use another dovecot config file and specify different listen IPs (and Ports). This is also useful for different SSL certs per domain / ip, etc. > >> What exactly is the problem with 2 domains on one dovecot? I mean user >> @aaa.de usually does not have the password for @bbb.de and vise versa. > What is irritating me is that when there are two domains served by > dovecot, in the client I can specify server.aaa.de although I have > an email-address u...@bbb.de and connect as such. > > For my understanding it should not be possible to connect to server > server.aaa.de with an address line u...@bbb.de and dovecot serves > the mailbox of that user. the dovecot service does not care about the server dns name. the dns name resolves to the IP address on the client (roundcube) and the client connects to the server. if the same dovecot instance listens to all / both IP address, client will end up on this dovecot instance and all valid user-password combinations are authorized. that's the way it has to be, otherwise virtual / mass virtual domain hosting would not be possible as you cannot spawn 1000 instances on the same machine (ok, in theory you could do that :D) > >> About the sending server in roundcube: I don't think there is a way to >> have a different submission server for different sender domains in >> roundcubde. But you could use the postfix configuration to map sender >> domains to different outgoing connection IPs. > Postfix is not the problem. It's the login into the IMAP-server that > is irritating me. Or am I completely wrong? > > Regards > > Andreas
Re: distuguish between different domains
Hi Andreas, I'm not 100% sure what you're trying to accomplish. smtp_server in roundcube is the outgoing server (submission server, i.e. postfix). Mailbox is IMAP (dovecot). You can easily spawn 2 instances of dovecot, one serving aaa.de and one serving bbb.de on different IPs. What exactly is the problem with 2 domains on one dovecot? I mean user @aaa.de usually does not have the password for @bbb.de and vise versa. About the sending server in roundcube: I don't think there is a way to have a different submission server for different sender domains in roundcubde. But you could use the postfix configuration to map sender domains to different outgoing connection IPs. Does this help? If not, please tell us more about what you're trying to do. regards Marco On 27.09.2015 19:53, Andreas Meyer wrote: > Hello! > > I asked myself wether it is possible to distinguish between > different doamins in dovecot so that a user only sees his > mailbox when he is connecting with us...@aaa.de specifying > the server with mail.aaa.de for example. > > So the server does not handout the mailbox for us...@bbb.de > when the client connects to mail.aaa.de as us...@bbb.de > > I have this problem with roundcube. Dovecot is responisble > for two domains. With roundcube I can login as us...@aaa.de > altough the client is configured like so: > $config['smtp_server'] = 'tls://mail.bbb.de'; > and I am landing in the mailbox of us...@aaa.de > > Is there a way to striktly differentiate between doamins? > Both domains have their own IP-addresses. > > Regards > > Andreas
Re: distuguish between different domains
On 09/28/2015 10:48 AM, Andreas Meyer wrote: > Postfix is not the problem. It's the login into the IMAP-server that > is irritating me. Or am I completely wrong? You are completely wrong ;) If the mailbox exist server handles it, there's no difference from/to which "domain" was the connection. Besides you can configure Roundcube to select server IP/host based on logon domain. -- Aleksander 'A.L.E.C' Machniak Kolab Groupware Developer[http://kolab.org] Roundcube Webmail Developer [http://roundcube.net] --- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl
Re: distuguish between different domains
Hello! Marco Fretzschrieb am 28.09.15 um 08:29:59 Uhr: > Hi Andreas, > > I'm not 100% sure what you're trying to accomplish. > > smtp_server in roundcube is the outgoing server (submission server, i.e. > postfix). Mailbox is IMAP (dovecot). > You can easily spawn 2 instances of dovecot, one serving aaa.de and one > serving bbb.de on different IPs. How do I do this? > What exactly is the problem with 2 domains on one dovecot? I mean user > @aaa.de usually does not have the password for @bbb.de and vise versa. What is irritating me is that when there are two domains served by dovecot, in the client I can specify server.aaa.de although I have an email-address u...@bbb.de and connect as such. For my understanding it should not be possible to connect to server server.aaa.de with an address line u...@bbb.de and dovecot serves the mailbox of that user. > About the sending server in roundcube: I don't think there is a way to > have a different submission server for different sender domains in > roundcubde. But you could use the postfix configuration to map sender > domains to different outgoing connection IPs. Postfix is not the problem. It's the login into the IMAP-server that is irritating me. Or am I completely wrong? Regards Andreas
Re: distuguish between different domains
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 28 Sep 2015, Andreas Meyer wrote: For my understanding it should not be possible to connect to server server.aaa.de with an address line u...@bbb.de and dovecot serves the mailbox of that user. that's virtual hosting :-) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBVgkB93z1H7kL/d9rAQLwRQf9EYit7l2ZSaSQQhojeoqNKXcZj1FP9SZY Wm+w3mI/zL/5xlWhvZPmZgTGs6aLUqU1la0zl4Nd95gRiVuG5DQPruUfu9uvG8XV t6u+mpf4wGkeDZlkrYMSKmOrE8eUV6Bdi0fuBZrDCihChGSb8NceMn7u58uTBDFr Pj5AmU+71OrWHisvmCjsQAelOXNpHMf+hFHxb5xJatbDl9wqf443WyoUBaVGCb2q 1rbYz+TT/5BGfLwibefmuTkzWn8ca/RryJV2GaynIyp+WynlRh5w+1Q1EPZgS/Di xOIk7+H/JKbnlQ6quxOn9sfjiiqKEDIJmxPSRGsEJvSz9+EYxnhL7w== =xR/L -END PGP SIGNATURE-
Re: distuguish between different domains
"A.L.E.C"schrieb am 28.09.15 um 10:54:24 Uhr: > On 09/28/2015 10:48 AM, Andreas Meyer wrote: > > Postfix is not the problem. It's the login into the IMAP-server that > > is irritating me. Or am I completely wrong? > > You are completely wrong ;) If the mailbox exist server handles it, > there's no difference from/to which "domain" was the connection. Besides > you can configure Roundcube to select server IP/host based on logon domain. It makes not difference when I define $rcmail_config['default_host'] = 'tls://mail.bbb.de'; in Roundcube. I guess the advantage of this setting is to identify the server when the server are running on different machines. But as long as the domains reside on the same machine, it does not matter. I can login as u...@aaa.de and the mailbox is served. That's what is irritating me. But I can life with it. Regards Andreas