LMTP and passdb deny=yes not working

Jogi Hofmüller jogi at mur.at
Wed Aug 27 14:04:54 UTC 2014


Hi,

Am 2014-08-27 15:20, schrieb Steffen Kaiser:

> you have lots of userdb's in your config. If you use %s in the general
> ones, I would remove the special ones in the "lmtp" section at all.


True.  I cleaned them up a little.

> userdb {
>   args = /etc/dovecot/deny/%s/deny-user
>   default_fields = uid=vmail gid=vmail home=/tmp/non-existant-name
>   driver = passwd-file
> }

No dice.

> Just use one userdb:
> 
> userdb {
>   args = /etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> 
> Then extent your userdb query by:
> 
> (&(original query)(!(attr=%s)))

Huh, we're getting somewhere!

> choose any attr'ibute with text, such as description, that does no harm
> to other services. Then the LMTP service should get no hit and should,
> IMHO, tempfail the delivery.

Thing is that it does not tmpfail but it says: 550 5.1.1 <user at domain>
User doesn't exist.

But I guess that is correct.  My reasoning is the following:  The above
method effectively disables a user's account.  So from the point of view
of lmtp/imap/pop3 the user does not exist.  In case of lmtp it is
totally appropriate to deny delivery instead of tmpfailing.

Guess I will have to take a look at the -- not yet tried -- quota
solution ...

Thanks so far!

Cheers,
-- 
j.hofmüller

Gerüchtegenerator		               http://plagi.at/geruecht

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140827/de34aaa7/attachment.sig>


More information about the dovecot mailing list