[Dovecot] Last login tracking with login_executable
Denny Lin
dennylin93 at hs.ntnu.edu.tw
Sun Nov 7 05:29:44 EET 2010
On Thu, Oct 14, 2010 at 03:38:04PM +0100, Ed W wrote:
> On 14/10/2010 15:04, Denny Lin wrote:
> >
> >I was wondering if it would be possible to read the username/password
> >from a Dovecot config file (like userdb/passdb/quota/expire) instead of
> >using my.cnf.
>
> In that case I think just creating a script with the password in it,
> which is itself called from login process does what you need? (As Timo
> just said)
>
> In Dovecot 2 there is a move to splitting the config files up to a
> greater extent, so I think it can be seen really as an extension of that
> if you have one more file knocking around?
>
> However, do still remember that you should almost certainly create a
> separate database user for this task - this user can then be locked down
> (eg only insert access to a single table) and in that way there is a
> limit to the damage they could do even if the password were compromised?
>
> I like people who think about security though - please consider writing
> up your final solution on that page of the wiki so that there is a "best
> practice" solution on there?
Sorry for the late reply. I've been very busy recently (filling out
university applications). In the end I decided to use Timo's solution as
it seems like the best one.
Thanks for all the advice and suggestions.
--
Denny Lin
More information about the dovecot
mailing list