[Dovecot] 1.0alpha2: "passdb deny" feature request

Jeff A. Earickson jaearick at colby.edu
Mon Sep 19 18:38:36 EEST 2005


Hi,
    I asked last week about an auth mechanism in 1.0alpha2 to
reject specific userids or uids from authentication.  Marco De Benedetto
kindly suggested using passdb passwd-file for a rejection list.
That didn't work and the Wiki for authentication makes it clear why:
the multiple databases use OR for success instead of AND.  So
my test user failed with passdb passwd-file but succeeded with
PAM, so he got in.

Any chance of having a "passdb deny" feature, whereby any userid
or uid that appears there will be rejected without further authentication
tests?  Something like:

auth default {
   passdb deny {
     # path of file listing denied uids or userids
     args = /etc/dovecot.nonauth
   }
   passdb pam {
   (etc)
}

Jeff Earickson
Colby College
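
The behaviour described in the message above, as an added example that is not part of the original post and is not Dovecot code: a small Python model of a passdb chain, showing why a rejection list fails under OR semantics and how a deny check that runs first would behave. All users, uids, passwords and deny-file contents are constructed, and the function names are hypothetical.

```python
# Toy model of the passdb chain from the post; not Dovecot code.
# All users, uids, passwords and file contents below are constructed.

PAM_USERS = {"alice": "a-secret", "mallory": "m-secret", "bob": "b-secret"}
UIDS = {"alice": 1001, "mallory": 1002, "bob": 1003}  # stand-in for getpwnam()

# Constructed contents of the proposed /etc/dovecot.nonauth
DENY_FILE = """\
# denied userids or numeric uids, one per line
mallory
1003   # bob, listed by uid
"""

def parse_deny(text):
    """Return the set of entries, ignoring blank lines and '#' comments."""
    entries = set()
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry:
            entries.add(entry)
    return entries

def pam_db(user, password):
    """Stand-in for passdb pam: succeeds on a matching password."""
    return PAM_USERS.get(user) == password

def make_rejection_passwd_file(listed):
    """passwd-file used as a rejection list: listed users never match."""
    def db(user, password):
        return False if user in listed else None  # None: user not found
    return db

def or_chain(passdbs, user, password):
    """OR semantics: any passdb that succeeds lets the user in."""
    return any(db(user, password) is True for db in passdbs)

def deny_first(deny, passdbs, user, password):
    """Requested semantics: a deny match rejects before any passdb runs."""
    uid = UIDS.get(user)
    if user in deny or (uid is not None and str(uid) in deny):
        return False
    return or_chain(passdbs, user, password)

DENY = parse_deny(DENY_FILE)
CHAIN = [make_rejection_passwd_file({"mallory"}), pam_db]

if __name__ == "__main__":
    for u, pw in PAM_USERS.items():
        print(u, or_chain(CHAIN, u, pw), deny_first(DENY, CHAIN, u, pw))
```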

