user/dev discussion of public-inbox itself
 help / color / mirror / code / Atom feed
From: Chris Brannon <chris@the-brannons.com>
To: Eric Wong <e@80x24.org>
Cc: meta@public-inbox.org
Subject: Re: dovecot fronting for public-inbox-imapd + private mail groups?
Date: Wed, 21 Dec 2022 13:07:51 -0800	[thread overview]
Message-ID: <87ili4lb2w.fsf@the-brannons.com> (raw)
In-Reply-To: <20221221195421.GB5179@dcvr> (Eric Wong's message of "Wed, 21 Dec 2022 19:54:21 +0000")

Eric Wong <e@80x24.org> writes:

> I'm in the same situation.  My current workaround is to run my
> personal IMAP stuff on a different port and keep 993+143 for
> public-inbox-imapd.

I thought about that and initially decided not to go that route, because
4 client configurations would need to be changed.  FWIW another option
occurred to me just now: only allowing access to the private IMAP server
over wireguard.  That has the added benefit of being more secure, and I
might do it for that reason alone.

> I know nginx can support IMAP proxying, but I'm not sure if it
> can decide on backend based on usernames or inboxes.

I totally forgot about nginx's mail proxy support.  It turns out that
for IMAP (and even POP3), nginx can handle the authentication too, and
it can use the result of authentication to select a given backend
server.  Nginx does its authentication by sending a request to an HTTP
endpoint defined in the config.  The protocol uses some custom HTTP
headers.  It can even rate-limit on failed auth attempts.  This looks
very flexible.

It's all quite doable, and I'll be happy to share my config and endpoint code
once I have something.

-- Chris

  reply	other threads:[~2022-12-21 21:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-21 18:35 dovecot fronting for public-inbox-imapd + private mail groups? Chris Brannon
2022-12-21 19:54 ` Eric Wong
2022-12-21 21:07   ` Chris Brannon [this message]
2022-12-22 10:55     ` Chris Brannon
2022-12-22 11:38       ` Eric Wong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://public-inbox.org/README

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ili4lb2w.fsf@the-brannons.com \
    --to=chris@the-brannons.com \
    --cc=e@80x24.org \
    --cc=meta@public-inbox.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://80x24.org/public-inbox.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).