Feature request: exclude IP/network in allow_nets extra field
Zhang Huangbin
zhb at iredmail.org
Wed May 1 05:28:51 EEST 2019
> On Apr 30, 2019, at 10:37 PM, andre via dovecot <dovecot at dovecot.org> wrote:
>
> You can easily do this without a new feature in Dovecot.
>
> - Create a post login script, for instance, in bash.
> - install grepcidr on your server.
>
> Your post login script can use grepcidr to check for white or black list.
>
> https://wiki.dovecot.org/PostLoginScripting
Dear Andre,
Thank you very much for the input.
Post login script should work as you suggested, but consider Dovecot already supports "allow_nets=a.b.c.d", we just need a mark like "!" to exclude some IP/networks, this might be the best and most elegant solution (if it can be implemented, of course), because we need only one userdb/passdb for all users, just different "allow_nets" for access control. Not one userdb/passdb for one each access policy.
More information about the dovecot
mailing list