Restrict IMAP login, but allow Postfix SASL
Hippo Man
hippoman at gmail.com
Wed Jun 1 15:50:22 UTC 2022
> There's a facility to add arbitrary code to the imap login process,
> e.g., in "10-master.conf":
>
> service imap-postlogin {
> executable = script-login /local/bin/imap-wrapper
> user = $default_internal_user
> unix_listener imap-postlogin {
> }
> }
>
Just wondering: is there some sort of pre-login scripting facility for
validation,
as well as this post-login mechanism? I couldn't find anything like this in
the Dovecot docs, but perhaps I missed something.
I'd like to be able to have the IP address, the protocol, the user ID, and
the password examined before even passing the request to the standard
login mechanism, and I'd like to be able to reject the request even prior
to login. And a nice-to-have would also be the ability to alter the request
before it gets passed on to the login mechansim.
Am I out of luck?
--
hippoman at gmail.com
Take a hippopotamus to lunch today.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20220601/4f02369b/attachment.htm>
More information about the dovecot
mailing list