Authentication per Service
Hi All,
I use dovecot (v2.3.4) with a SQL backend for user authentication, passwords are stored in CRAMMD5 format.
My SMTP server uses "doveadm auth" via auth-socket to perform sender authentification. To shut down SMTP access for hacked passwords I want to have a dedicated flag in the user database to allow/disallow SMTP for a user withouth disabling his account for IMAP.
So, is there any option to use a separate passdb definition or additional parameters by either setting this in socket definition of "service auth" or using "-x auth_info"?
TIA
Oliver
Protect your environment - close windows and adopt a penguin!
Hi,
can't you just check "account_locked" or similar flag in the password_query and user_query on your sql config?
Sami
On 18 Jan 2020, at 10.30, Oliver Welter <mail@oliwel.de> wrote:
Hi All,
I use dovecot (v2.3.4) with a SQL backend for user authentication, passwords are stored in CRAMMD5 format.
My SMTP server uses "doveadm auth" via auth-socket to perform sender authentification. To shut down SMTP access for hacked passwords I want to have a dedicated flag in the user database to allow/disallow SMTP for a user withouth disabling his account for IMAP.
So, is there any option to use a separate passdb definition or additional parameters by either setting this in socket definition of "service auth" or using "-x auth_info"?
TIA
Oliver
Protect your environment - close windows and adopt a penguin!
Hi Aki
Am 18.01.20 um 14:58 schrieb Aki Tuomi:
You can also use %s to expand into service name. See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ <https://doc.dovecot.org/configuration_manual/config_file/config_variables>
Thanks - this was exactly the information I was looking for!
Oliver
-- Protect your environment - close windows and adopt a penguin!
participants (3)
-
Aki Tuomi
-
Oliver Welter
-
Sami Ketola