On Fri, 2007-01-12 at 04:54 +0300, subscriber@viliar.net.ru wrote:
Dec 19 11:25:30 post dovecot: auth-worker(default): sql(mail@example.com): query: SELECT mail as user, cryptp as password, CONCAT('/home/vmail/',homedir,'/',maildir,'/' ) as userdb_home, uid as userdb_uid, gid as userdb_gid, CONCAT('dirsize:/home/vmail/',homedir,'/',maildir,'/',':storage=',quota/1024) as userdb_quota, nice as userdb_nice , hosts as allow_nets FROM users WHERE mail = 'mail@example.com' and access = 'Y' and smtp = 'Y'; Dec 19 11:25:30 post dovecot: auth-worker(default): passdb(mail@example.com): allow_nets check failed: Remote IP not known
As I understand, postfix does not transfer to dovecot auth daemon rip ( remote ip ). And it is looks like allow_nets it is impossible to use together with dovecot sasl auth in postfix.
Do we have any workaround on it?
Hello again.
As I think, this problem is realy about dovecot. Probably it should not doing looking at allow_net then it using for external auh, or then %Ls = smtp ? Just another trap/check to prevent problem like this? Or am I wrong?
I don't think Dovecot at least should have any checks that "oh, there's no IP address, let's just ignore allow_nets then and let the poor user in".
But yes, you could do that that in the SQL query by returning allow_nets=NULL when %Ls = smtp.
I think Postfix should some day be modified to support providing rip/lip..