Yeah, I had screwed up and completely missed the segment at the bottom of the variables section that showed how to use them. Felt pretty bad after spending a few days trying to get SQL working, noticing how a long variable name was referenced in one of the auth lines, and then going back to find out that I could have saved myself a lot of trouble by reading more thoroughly.
I do have a new issue that I'm trying to fix, though it's probably best for me to update Dovecot and see if it persists. For whatever reason, I'm starting to see the Dovecot auth worker reporting passwd auth attempts without an IP and the log lines don't match up with how a normal failed login attempt should look. I'll do that in a separate thread though.
Best regards,
Andrew Obertas Technical Support Representative Infinet Communications Group
On 12/8/2013 1:47 PM, Timo Sirainen wrote:
On 22.11.2013, at 0.24, Andrew Obertas andrew@infinet.net wrote:
Hello,
I know it is possible to lock down a master user to only have access to certain domains through SQL login but I was wondering if the same was possible with a passwd-based system. I currently have a master-passwd file residing in the /etc/virtual/domain.com/ directories I want the master user to be able to log in to. Is there a way to tell passdb to only allow the master user login to proceed if they can auth to the master-passwd file in the same folder as the user? Alternatively, is there a better way to go about this?
What I assumed would be the easy approach, where the domain from the user's e-mail is fetched, doesn't seem to work as %d fetches the master user's domain and, unless I'm doing something wrong, the login_domain variable cannot be used as this is outside Dovecot-auth. What do you mean outside Dovecot-auth? Master user login is done in auth process. %{login_domain} should work I think..