Feature request: exclude IP/network in allow_nets extra field

Zhang Huangbin zhb at iredmail.org
Wed May 1 05:28:51 EEST 2019



> On Apr 30, 2019, at 10:37 PM, andre via dovecot <dovecot at dovecot.org> wrote:
> 
> You can easily do this without a new feature in Dovecot.
> 
> - Create a post login script, for instance, in bash.
> - install grepcidr on your server.
> 
> Your post login script can use grepcidr to check for white or black list.
> 
> https://wiki.dovecot.org/PostLoginScripting

Dear Andre,

Thank you very much for the input.

Post login script should work as you suggested, but consider Dovecot already supports "allow_nets=a.b.c.d", we just need a mark like "!" to exclude some IP/networks, this might be the best and most elegant solution (if it can be implemented, of course), because we need only one userdb/passdb for all users, just different "allow_nets" for access control. Not one userdb/passdb for one each access policy.


More information about the dovecot mailing list