On 30 Apr 2019, at 00:20, Zhang Huangbin via dovecot dovecot@dovecot.org wrote:
On Apr 30, 2019, at 11:21 AM, @lbutlr via dovecot dovecot@dovecot.org wrote:
On 29 Apr 2019, at 19:56, Zhang Huangbin via dovecot dovecot@dovecot.org wrote:
Recently we need to allow some users to login from everywhere except some IP/networks,
Can you use firewall rules for this?
I suppose not. We don't restrict ALL users this way, just few of them.
This iOS sounding odder and odder.
And the client IP addresses may change frequently, not static IPs.
And? How is that an issue? Either way you are going to have to change a configuration. At least with a fireball, you don't have to reload dovecot each time.
how can we accomplish this with "allow_nets"?
Allow_nets specifies allowed networks. Doesn't say anything else about any other use.
"The allow_nets field is a comma separated list of IP addresses and/or networks where the user is allowed to log in from."
I understand what "allow" means. But it will be very handy to support something like "!a.b.c.d" to allow all but just exclude few IPs/networks. Isn't it? :)
I cannot imagine a case where I would find this useful, no.
-- "You never really understand a person until you see things from his point of view, until you climb inside of his skin and walk around in it."