22 Aug
2022
22 Aug
'22
10:01 a.m.
Hi,
I think this i wrong. With that command you catch all _established_ connections. If I just connect to 993/143 WITHOUT auth, I will have a smtp connection open.
Il 16/08/2022 22:46, Antonio Leding ha scritto:
At the risk of being pedestrian, I just use something like |sudo netstat -an | grep ‘:[ IMAP_PORT ]’|
I’m pretty sure you thought of this but still, thought I would toss it out…
Cheers
On 16 Aug 2022, at 13:15, Jaroslaw Rafa wrote:
Hello Dovecot community, I have a question: is it possible to programmatically get from Dovecot a list of currently active IMAP sessions (with IP addresses)? Via a plugin or something? Or just check if there is an IMAP session currently open from a particular IP address, with true/false type answer? I'm planning to implement a policy service for *Postfix* that will revive the old "POP before SMTP" authorization concept (only it will be "IMAP before SMTP" this time). This policy service will reject connections to mail submission ports (465, 587) - without even going to SMTP AUTH phase - unless the connecting IP address has currently an IMAP session open to Dovecot, to mitigate SMTP AUTH attacks. But for this I need some way to check from within this policy service if the particular IP address has a connection open or not. It could be of course obtained by scanning Dovecot logs, but this involves quite a large overhead. Therefore I'm looking for the way to get this information directly from Dovecot's current state. Can you advise me of any way to do this? Or maybe someone has already written such a piece of software and it is available somewhere on the Net? -- Regards, Jaroslaw Rafa raj@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
--
############################### # Cristiano Deana # # # # Senior Network Engineer # # Digital Response Team # # CittaStudi S.p.a. # # off. +39 015 855 1172 # # cell +39 328 310 6392 # ###############################