[Dovecot] Dovecot + SASL + allow_nets

Andrew Garner muzazzi at gmail.com
Mon Dec 3 20:08:28 EET 2007


> Timo Sirainen schreef:
> > On Mon, 2007-12-03 at 14:36 +0100, Marc Cuypers wrote:
> >> When using dovecot for authentication of an SASL (postfix) request, i
> >> cannot use the allow_nets parameter.  The IP-address of the requester is
> >> not known in dovecot.
> >>
> >> I would like to allow sasl for certain users, others are not allowed to
> >> access via SASL.
> >> Some users can have access to imap and pop3 from certain IP-addresses.
> >>
> >> How could i combine this in then dovecot configuration?
> >
> > Since Postfix doesn't send the IP to Dovecot, there isn't anything on
> > Dovecot's side you can do. You could try asking about this in Postfix
> > list.. Someone at least had a patch which allowed sending local IP to
> > Dovecot (http://marc.info/?t=119306971600010&r=1&w=2). Maybe it sends
> > remote IP as well.

I wrote that patch.   It passes both endpoints (remote & local)
through to dovecot .    This lets you restrict smtp-auth just like
pop3 or imap using the remote IP.    In my case, I had played around
with a quick hack for doing per-ip realming (using the local IP) w/
dovecot-sql.


More information about the dovecot mailing list