Perdition calls itself a mail retrieval proxy because it handles both IMAP and POP-3 clients (and their servers, of course) with or without SSL. From the documentation:

Perdition has many uses. Including, creating large mail systems where an end-user's mailbox may be stored on one of several hosts, integrating different mail systems together, migrating between different email infrastructures, and bridging plain-text, SSL and TLS services. It can also be used as part of a firewall.

Schematically, Perdition works like this:

  1. An IMAP (or POP-3) client connects to Perdition, which accepts the connection and prompts for credentials (i.e. username and password).
  2. Based on the username provided, Perdition can consult a map (more on this later) to find out which back-end IMAP (or POP-3) server should service the user's request.
  3. Perdition then hands off the connection to the back-end server passing it the given (or changed) credentials.

Perdition's strength lies in the _map_s or databases it can use to find the back-end server responsible for a specific client. These include:

  • GDBM
  • BDB
  • NIS
  • Posix RE
  • MySQL
  • PostgreSQL
  • LDAP

For example, the Posix regular expression map allows me to have a list of users and their target servers. In the following example, user john is directed to the IMAP server at 192.168.1.20 whereas usernames beginning with a lowercase a, b, or c are directed to a different server. Perdition also allows me to specify a default server for users not included in the map with its outgoing_server directive.

^john: 192.168.1.20:143
^[a-c]: 192.168.1.10:143

I can perform by far the most flexible type of lookup with a custom function invoked by Perdition when a connection is initiated. The function is invoked from a shared library and it can retrieve the name of the back-end server from any means I see fit. A few years ago I implemented a Perdition proxy that queried an LDAP directory server for a username, extracted up to two different Lotus Domino server names from the user's directory entry, attempted a connection to that Domino server, and returned that address only if the server was available. I retrieve the data with which I pouplate the LDAP directory entries directly from Lotus Domino's cldbdir.nsf database. I mentioned above that Perdition does both IMAP and POP-3, but only if you configure it to do so. You can set up distinct configuration files on a protocol by protocol basis, as described in the manual. Perdition has been deployed by large customers and I've never experienced a hitch with it. A similar utility is nginx which I'll discuss another time.

Flattr this
LDAP, DomiNotes, Linux, and IMAP :: 27 Nov 2008 :: e-mail

Comments

blog comments powered by Disqus