Check out the new USENIX Web site.
next up previous
Next: Porting dovecot to netAuth Up: Dovecot before and after Previous: Dovecot before and after

Standard dovecot

The dovecot distribution is composed of the following processes:

master process
starts the auth process and n (by default, 3) login processes. The master process is also responsible for the creation of an imap process after a successful authentication.
auth process
authenticates new users for the login process (over a UNIX socket). The auth process also verifies successful authentications to the master before it creates a mail process.
login process
listens on the appropriate port (e.g., 143 for IMAP) for new connections. Once a connection is established it negotiates with the MVA process to initialize the connection (sending server capabilities, setting up SSL, etc.) and requests authentication of the user. Upon successful authentication, the login process requests the master process to create a new imap process and then exits.
imap process
receives the socket descriptor over a UNIX socket from the login process. The imap process then communicates with the remote MVA to access the user's mailbox on the server.

Figure 6: The processes that comprise standard dovecot and their interaction to authenticate a user. Solid arrows indicate message exchange while dashed ones represent process actions. Message exchange across system boundaries use a network socket while those within the same system use UNIX sockets.
Image dovecotFigure

Figure 7: The message exchanges between the ported netAuth dovecot and the MVA.
Image dovecot-ksn

Figure 6 shows the sequence of events that are necessary to create a new imap process to service requests from the MVA.

  1. Messages 1a and 1b establish the initial connection between the MVA and dovecot. During this step, the MVA requests and receives the server capabilities (not shown in the figure).
  2. authentication step (shown as messages 2a-2e and action 2f). (a) The MVA sends the user's authentication information as part of a LOGIN message. (b) In response, the login process requests the auth process to authenticate the user (c) The login process request the auth process to authenticate, (d) on successful authentication the login process sends a response back to the MVA and (e) requests the master process to create a new imap process. (f) the master, after verifying a successful authentication with the auth process, creates the new mail process running on behalf of user $U_k$.
  3. The imap process then services the MVA's future requests.

next up previous
Next: Porting dovecot to netAuth Up: Dovecot before and after Previous: Dovecot before and after
Manigandan Radhakrishnan 2008-05-13