[Dovecot] allow_nets overridden by cache

Guy wyldfury at gmail.com
Wed Oct 29 21:32:00 EET 2008 

Hi Timo,

2008/10/29 Timo Sirainen <tss at iki.fi>:
>
> What Dovecot version? Post your dovecot -n output? Seems to work fine
> with the almost-v1.1.6 (and I don't remember doing changes related to
> this for a long time):

Sorry, should have included that before.
I've just upgraded to 1.1.5, compiled from source with nothing extra
added. Although I did just do a make install without doing an
uninstall on the old 1.1.2, could that effect it?

root at stoat:/opt/src/dovecot/1.1.5/dovecot-1.1.5# dovecot -n
# 1.1.5: /etc/dovecot/dovecot.conf
protocols: imap imaps pop3 pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_cert_file: /etc/ssl/certs/imapd.pem
ssl_key_file: /etc/ssl/private/imapd.pem
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
login_process_per_connection: no
login_processes_count: 10
max_mail_processes: 1024
verbose_proctitle: yes
mail_location: maildir:%h/Maildir/
mail_full_filesystem_access: yes
mmap_disable: yes
dotlock_use_excl: no
mail_nfs_storage: yes
mail_nfs_index: yes
lock_method: dotlock
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_process_size: 128
mail_plugins(default): imap_quota quota
mail_plugins(imap): imap_quota quota
mail_plugins(pop3): quota
mail_log_max_lines_per_sec: 30
imap_client_workarounds: outlook-idle delay-newmail
pop3_uidl_format: %08Xv%08Xu
pop3_client_workarounds: outlook-no-nuls oe-ns-eoh
namespace:
  type: private
  separator: /
  inbox: yes
  list: yes
  subscriptions: yes
namespace:
  type: private
  separator: /
  prefix: mail/
  location: maildir:%h/Maildir/
  hidden: yes
  subscriptions: yes
auth default:
  cache_size: 2048
  cache_ttl: 1
  cache_negative_ttl: 1
  username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@'
  master_user_separator: *
  verbose: yes
  worker_max_count: 5
  passdb:
    driver: passwd-file
    args: /etc/dovecot/dovecot-master.pwd
    master: yes
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-mysql.conf
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-mysql.conf
plugin:
  quota: maildir
  quota_rule: *:storage=100M
  quota_rule2: Trash:ignore


In the section of logs that I showed you could see the client out:FAIL
after the allow_nets check but a cache hit immediately afterwards
would allow the account to login. Even if I set the auth_cache_ttl to
15 seconds it would still fail the allow_nets check and then get a
cache hit and be logged in.

If there's any other information I can provide please let me know.

Thanks
Guy

-- 
Don't just do something...sit there!

More information about the dovecot mailing list