[Dovecot] allow_nets and deliver + userdb lookup
Timo Sirainen
tss at iki.fi
Sun Apr 12 05:08:07 EEST 2009
On Fri, 2009-04-10 at 16:49 +0400, Pavel Volkovitskiy wrote:
> I'm trying to restrict imap logins to our internal network for several
> users, but this breaks dovecot delivery too
>
> Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with "Error:
> Auth lookup returned failure"
If you return NULL, then dovecot-auth shouldn't even see the allow_nets.
So you should be able to do something which checks if '%s' = deliver and
then return NULL, otherwise return the actual allow_nets. Or instead of
%s=deliver you could also check if the remote IP is known, '%r'=''.
If it's not working like that, set auth_debug=yes and post the logs.
> i guess delivery lookups should be independent of allow_nets
I don't really like the idea of Dovecot doing that automatically.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090411/8f6d30ec/attachment.bin
More information about the dovecot
mailing list