On Fri, Feb 15, 2008 at 03:36:01PM +0100, Geert Hendrickx wrote:

There are some clever tricks on that page to keep the LDAP/SQL database Dovecot-agnostic and putting the logic in the query. Do you know a similar trick for allow_nets; I have users stored in a PgSQL database and want to allow everyone from our local network (a combination of three CIDR blocks), and only some users from the Internet (0/0). Is it possible to do this using a simple boolean (y/n) "remote" column in my users table? i.e. remote=n should be mapped to allow_nets=x.y.z.0/24,a.b.c.0/24,d.e.0.0/16 and remote=y to allow_nets=0/0.

If the %a (local port) variable where available in the imap service, this could be done by binding imap to two ports and using "remote = true or '%a' = '143'", and redirect the public port on the NAT-router to the other (non-standard) port on the server.

Looks like PostgreSQL supports conditional expressions in queries which make this very easy:

password_query = SELECT md5_pw AS password, CASE WHEN remote='t' THEN '0/0' ELSE 'ournetblocks' END AS allow_nets FROM imap_users WHERE email='%u'

Geert