-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 22 Oct 2014, A. Schulze wrote:
I like to enable the allow_nets Feature (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets) for my customers. To help them knowing there own IP I imagine a special mailbox/loginuser at the pop3 server.
That user could give a valid pop3 answer from a dummy pop3 server or simply throw a login error with customised answer containing the IP information.
let's put aside the question, if this way is sensible or not.
I would give the http://wiki2.dovecot.org/PostLoginScripting a try. Maybe you can enable it for your dummy account via ExtraFields specifically.
Because I wonder, if you will be successful with "throw a login error with customised answer" [any MUA displays what it wants], you might prefer a MUA-independ script or program that queries your server. And if you are at it, maybe a dummy server with a self-made script that returns "+OK POP3 your IP is ....", then return +FAIL for any further command. You need to return the greeting and keep the connection open, in order to bypass IDS firewalls.
Now back to sensible or not ;-) :
Of course, if you use a dummy server (IP address) for probing the IP address, an intermediate firewall could re-route the connection differently. If you use another demon [port] on the same server, the same may happen.
If you or your customers do not have control over the routing and final public IP address, that IP might change any now and then anyway. So, if you've experienced problems in this regard, you probably need to implement a completely different protection scheme, that are independed on the IP address.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBVEiwU3z1H7kL/d9rAQJJxwgAxEzY+h8Yfh2xTdvwX8wuVOcMVSzK2MLC Cfq4BitXPZEZliVL4un8b5SjFOhMFS32wG4DtlUxbkL6rrJUuM6U+2pUhOE6a1hM hAMAUyZYYwhCc517XfEkp+YEb85cCgaMX6BRfnWHnFklMAtWK3WoLlfY6ZzMeTt3 zPjgRlb0JRw5CPE5r6v9GElk4QdwR8LZAMvIzx1FcMv5lG/bOqIUAkoQewwzoIP5 vpWkfR3thkT0Dh4ibcoP5Vp7ecC+EDsJobOjBkRQIbCedojk0V515xsXK9h9q6qm 3JLTWNVO/PyoClgpVmNI0ZFW8S2vijc5DVb9lxr4neehBfTMNlZ9Gg== =2mdO -----END PGP SIGNATURE-----