[Dovecot] about postlogin in dovecot2

bmalik bmalik at ihlas.net.tr
Sat Aug 11 01:14:12 EEST 2012


i can manage read -d problem changing -p

what should be user rights of the postlogin_pop3.sh ?
i use vpopmail




the pop3script;

#!/bin/sh
#  30-jul-2007
#
# Author:
#  Oliver Schulze L.
#  Contact: http://tinymailto.com/oliver
#  Paraguay

INTRANET_NETS="127.0.0.1 10."
 
# users that can login from the Internet
INTERNET_USERS="user1 user2 user3 user4 test at test.com"
 
DEBUG=0
 
 
 
# variables setup by dovecot: IP USER
 
# configure the dovecot binary to run based on the name of the script, so
# this script can be used for imap and pop3 just by making a link
SCRIPT_BASE="postlogin"
DOVECOT_EXEC=""
if [ "$(basename $0)" = "${SCRIPT_BASE}_imap.sh" ] ; then
        DOVECOT_EXEC="/usr/local/libexec/dovecot/imap"
elif [ "$(basename $0)" = "${SCRIPT_BASE}_pop3.sh" ] ; then
        DOVECOT_EXEC="/usr/local/libexec/dovecot/pop3"
else
        MSG="Please edit the file $(basename $0) and change the SCRIPT_BASE
variable"
        /usr/bin/logger "$MSG"
        # display a message to the user
        echo "* OK [ALERT] $MSG"
        # cancel the current imap request
        echo "* NO $MSG"
        exit 1
fi
 
# debug
if [ $DEBUG -eq 1 ] ; then
        # TEST data
        DEBUG=1
 
        # intranet test, any user can login
        #IP=192.168.1.23
        #USER=user222
 
        # internet test, only user user2 can login
        #IP=200.85.32.2
        #USER=user2
fi
 
 
if [ -z "$IP" ] ; then
        echo "$(basename $0): IP variable is empty"
        exit 2
fi
if [ -z "$USER" ] ; then
        echo "$(basename $0): USER variable is empty"
        exit 3
fi
 
# FLAGS
IN_INTRANET=0
INTERNET_ALLOWED=0
DOVECOT_ALLOW=0
 
# Create this file in a RAM based directory in order to gain performance
FILE_TMP=$(mktemp /tmp/login-intranet-dovecot.tmp.XXXXXX)
 
#
------------------------------------------------------------------------------
# check if the IP is from the Intranet
 
# always use a tmp file in while in order to modify this script variables
echo "$INTRANET_NETS " > $FILE_TMP
 
# cicle all intranets
while read -p ' ' net_intranet ; do
        net_grep=$(echo $net_intranet | sed -e 's/\./\\\./g')
        echo $IP | grep $net_grep 2>/dev/null 1>/dev/null
        RES=$?
 
        if [ $DEBUG -eq 1 ] ; then
                echo "  net_intranet: $net_intranet -> RES: $RES"
        fi
 
        if [ $RES -eq 0 ] ; then
                # the IP is from the intranet, stop processing and allow
login
                IN_INTRANET=1
                break
        fi
done < $FILE_TMP
 
 
#
------------------------------------------------------------------------------
# if the user is connecting from outside the intranet, check if it is
allowed
# to do so
if [ $IN_INTRANET -eq 0 ] ; then
        # always use a tmp file in while
        echo "$INTERNET_USERS " > $FILE_TMP
 
        # cicle all allowed internet users
        while read -p ' ' user_inet ; do
                if [ $DEBUG -eq 1 ] ; then
                        echo "  $USER == $user_inet"
                fi
 
                if [ "$USER" = "$user_inet" ] ; then
                        # the user is conecting from the Internet and is
allowed, stop
                        # processing and allow login
                        INTERNET_ALLOWED=1
                        break
                fi
        done < $FILE_TMP
 
fi
 
if [ $DEBUG -eq 1 ] ; then
        echo "IN_INTRANET     : $IN_INTRANET"
        echo "INTERNET_ALLOWED: $INTERNET_ALLOWED"
fi
 
# delete temp file
rm -f $FILE_TMP
 
if [ $IN_INTRANET -eq 1 ] ; then
        # the user is conecting from the intranet
        DOVECOT_ALLOW=1
elif [ $IN_INTRANET -eq 0 ] && [ $INTERNET_ALLOWED -eq 1 ] ; then
        # the user is conecting from the internet and is an allowed internet
user
        DOVECOT_ALLOW=1
fi
 
# check if the user can login
if [ $DOVECOT_ALLOW -eq 1 ] ; then
        # the user can login, run the imap or pop3 server
        if [ $DEBUG -eq 1 ] ; then
                echo "exec $DOVECOT_EXEC"
        else
                # this script ends here
                exec $DOVECOT_EXEC
        fi
else
        # user is not allowed to login, inform the user and system log
 
        #MSG="El usuario '$USER' no puede conectarse desde Internet"
        MSG="User '$USER' not allowed to connect from the Internet [$IP]"
        /usr/bin/logger "$(basename $0): $MSG"
        # display a message to the user
        echo "* OK [ALERT] $MSG"
        # cancel the current imap request
        echo "* NO $MSG"
        exit 10
fi

exec $@



--
View this message in context: http://dovecot.2317879.n4.nabble.com/about-postlogin-in-dovecot2-tp5993p7786.html
Sent from the Dovecot mailing list archive at Nabble.com.



More information about the dovecot mailing list