RBL with stock Dovecot 2.2.15 (was Re: IP drop list)

Thu Mar 5 21:45:57 UTC 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Steffen Kaiser wrote:

> passdb { driver = ipdeny args = <host>/matchpattern/action ....
> *** }
> 

With next passdb{} as 1st in chain:

passdb {
  driver = checkpassword
  args = "/tmp/chktst ip=%r service=%s"
  result_success = continue
  result_failure = return-fail
}

and this script
BEGIN /tmp/chktst
#!/bin/bash

echo "$@" >>/tmp/chktst.log
# return OK
exit 0
# return FAIL
exit 1
END

I get the log entry:
ip=127.0.0.1 service=imap
/usr/local/dovecot-2.2.15/libexec/dovecot/checkpassword-reply

and with exit 0, the next passdb{} let me login, and with exit 1, all
logins fail.

So, with the current stock Dovecot you can make RBL calls and
decissions with a script. ;-)

- -- 

Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iQEVAwUBVPjOlXz1H7kL/d9rAQIDFggAtDGl8rgN3zpOa8QQ1JVgVne5alAzBShN
JfWm/4rDLBqPfAeqLX8OGUja19dxru0rJFAZPr673v7I4GfGVu2XHgEFV7qWag/m
r32B//ADgvyBc0hwYOy2IQ4Zc2BW7K7Xx9hvbA5ZzmlDwbkIg1fBQ8SDHP7EoPso
Io/OD8ADvyGJf0RC6lDF+shhpu1mPGg9YVx+jiUD2EOlnq06JDo51sbaQ0BUGfK3
3TmiWr+yFLALrJAYTkoNbonGioGwPPfSqGwmj5/l0ch4N/k9vAf06IbNyFYTzqh+
apjDUNrTVzTnlUeeadoFNDpqkNCGpZDfEe/C/OImxsmNwQoe9fXjbg==
=NQ5g
-----END PGP SIGNATURE-----