Forcing imap authentication failure for certain IP addresses
I'm running dovecot 2.3.18 under Debian 11.
I want to do something that's a bit unusual: when IMAP connections are attempted from a few specific IP addresses, I want to force an IMAP authentication failure from those connections, no matter what user ID and password are specified.
I know that I can use iptables to completely block imap access from those IP addresses to the IMAP ports. However, in these specific cases, I'd prefer that the connection goes through to dovecot, but for dovecot then to always generate authentication failures for those specific connections ... even if a valid user ID and password happen to be specified.
Is there a way to do this in dovecot?
Thank you very much in advance.
-- hippoman@gmail.com Take a hippopotamus to lunch today.
.---------, 0__0/ ( oo'---,
/ oo
,\ |
| \ ,=__/
\ /
/ /------| /|
|__|-' |__|'
Well, did you try to start up some isolated unconfigured instance of dovecot inside a docker container for example and then relay all connections from that specific address using iptables to that instance?
That would of course generate an auth fail message each time, and also log it somewhere else.
On 01/08/2023 17:10, Hippo Man wrote:
I'm running dovecot 2.3.18 under Debian 11.
I want to do something that's a bit unusual: when IMAP connections are attempted from a few specific IP addresses, I want to force an IMAP authentication failure from those connections, no matter what user ID and password are specified.
I know that I can use iptables to completely block imap access from those IP addresses to the IMAP ports. However, in these specific cases, I'd prefer that the connection goes through to dovecot, but for dovecot then to always generate authentication failures for those specific connections ... even if a valid user ID and password happen to be specified.
Is there a way to do this in dovecot?
Thank you very much in advance.
participants (2)
-
Hippo Man
-
Lars Schotte