[Dovecot] dovecot Digest, Vol 45, Issue 18

Timo Sirainen tss at iki.fi
Fri Jan 19 18:18:11 UTC 2007


On Fri, 2007-01-12 at 04:54 +0300, subscriber at viliar.net.ru wrote:
> > Dec 19 11:25:30 post dovecot: auth-worker(default): sql(mail at example.com): query: SELECT mail as
> > user, cryptp as password, CONCAT('/home/vmail/',homedir,'/',maildir,'/'
> > ) as userdb_home, uid as userdb_uid, gid as userdb_gid,
> > CONCAT('dirsize:/home/vmail/',homedir,'/',maildir,'/',':storage=',quota/1024) as userdb_quota, nice
> > as userdb_nice
> > , hosts as allow_nets FROM users WHERE mail = 'mail at example.com' and access = 'Y' and smtp = 'Y';
> > Dec 19 11:25:30 post dovecot: auth-worker(default): passdb(mail at example.com): allow_nets check
> > failed: Remote IP not known
> >
> > As I understand, postfix does not transfer to dovecot auth daemon rip ( remote ip ). And it is
> > looks like allow_nets it is impossible to use together with dovecot sasl auth in postfix.
> >
> > Do we have any workaround on it?
> >
> >
> Hello again.
> 
> As I think, this problem is realy about dovecot. Probably it should not doing looking at allow_net then 
> it using for external auh, or then %Ls = smtp ? Just another trap/check to prevent problem like this?
> Or am I wrong?

I don't think Dovecot at least should have any checks that "oh, there's
no IP address, let's just ignore allow_nets then and let the poor user
in".

But yes, you could do that that in the SQL query by returning
allow_nets=NULL when %Ls = smtp.

I think Postfix should some day be modified to support providing
rip/lip..

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070119/688d6d53/attachment.pgp 


More information about the dovecot mailing list