On Tue, 2008-10-28 at 13:55 +0000, Guy wrote:
auth_cache_ttl is set to 300. If I set it to 1 then the allow_nets successfully rejects. Once I set it back up to 300 the cache overrides the result from the allow_nets check and let's the account log in even though the allow_nets check fails.
I've tried waiting for longer than the 300 seconds and then logged in again, but I still get the same result as above.
What Dovecot version? Post your dovecot -n output? Seems to work fine with the almost-v1.1.6 (and I don't remember doing changes related to this for a long time):
client in: AUTH 5 PLAIN service=imap secured lip=127.0.1.1 rip=127.0.1.1 lport=143 rport=49704 resp=AHRzcwBwYXNz cache(tss,127.0.1.1): hit: {plain}pass allow_nets=127.0.0.1 auth(tss,127.0.1.1): allow_nets: Matching for network 127.0.0.1 passdb(tss,127.0.1.1): allow_nets check failed: IP not in allowed networks client out: FAIL 5 user=tss