[Dovecot] login_trusted_networks (v2.0.8)
I just spent a bit puzzling over "login_trusted_networks". My problem was using "10.1.2/24" instead of "10.1.2.0/24".
Here are some things I looked for during troubleshooting that didn't pan out:
(1) No messages printed to syslog. (2) Search for "login_trusted_networks" on the Wiki (wiki2) failed. (3) Comments in example config file didn't specify expected format.
Anyway, it works now. <shrug>
- Don
=================== 'doveconf -n' (redacted):
*[root@postal ~]# **doveconf -n* # 2.0.8: /etc/dovecot/dovecot.conf # OS: Linux 2.6.9-67.0.1.ELsmp i686 Red Hat Enterprise Linux WS release 4 (Nahant Update 6) ext3 auth_username_format = %Lu auth_verbose = yes auth_verbose_passwords = sha1 login_log_format_elements = user=<%u> service=%Us method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = xx.xx.x.0/24 xx.xx.xx.0/23 mail_location = maildir:/Virtual_Users/%u/Mail passdb { driver = pam } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } ssl_ca = </etc/dovecot/ssl/iMove_2011_CAcert.pem ssl_cert = </etc/dovecot/ssl/postal_cert.pem ssl_key = </etc/dovecot/ssl/postal_key+req.pem ssl_key_password = ******** ssl_parameters_regenerate = 12 userdb { driver = passwd } userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } verbose_proctitle = yes protocol imap { ssl_cert = </etc/dovecot/ssl/imap_cert.pem ssl_key = </etc/dovecot/ssl/imap_key+req.pem ssl_key_password = </etc/dovecot/ssl/imap.pw } protocol pop3 { ssl_cert = </etc/dovecot/ssl/pop3_cert.pem ssl_key = </etc/dovecot/ssl/pop3_key+req.pem ssl_key_password = </etc/dovecot/ssl/pop3.pw } *[root@postal ~]#*
On Thu, 2011-01-06 at 11:14 -0800, Don Buchholz wrote:
I just spent a bit puzzling over "login_trusted_networks". My problem was using "10.1.2/24" instead of "10.1.2.0/24".
Here are some things I looked for during troubleshooting that didn't pan out:
(1) No messages printed to syslog.
This happens because libc's inet_aton() translates 1.2.3 to 1.2.0.3 (and similarly 1.2 to 1.0.0.2). I'd rather not add my own checks to prevent this.
participants (2)
-
Don Buchholz
-
Timo Sirainen