> On 13 Nov 2018, at 12.19, Michael Goth <m...@webflow.de> wrote:
>
> Hi all,
>
> I'm trying to setup a Dovecot proxy that authenticates the user against two
> backend servers. If login server1 fails, server2 should be tried.
>
> The problem: Only the first server seems to be tried, even if the login fails.
>
> Config snippet:
>
> protocol imap {
> passdb {
> driver = static
> args = proxy=y nopassword=y host=oldserver1.example.com port=993 ssl=y
> }
>
> passdb {
> driver = static
> args = proxy=y nopassword=y host=oldserver2.example.com port=993 ssl=y
> }
> }
>
> With this config, only accounts on oldserver1.example.com can login. If I
> reverse the two passdb entries, only accounts on oldserver2.example.com can
> login.
>
> I've done the same with SQL passdb first + static passdb second. That worked
> as expected. Not sure what I'm doing wrong here.
The config does work as expected. Static passdb with nopassword=y always
matches and the entry is used.
You need to have some kind of key on a database to indicate correct backend and
then build passdb -setup to
utilise that key.
Sami