Any way to limit number of active IMAP/POP3 sessions from a single user / per user?
Timo Sirainen
tss at iki.fi
Mon Jul 3 20:24:18 EEST 2017
On 3 Jul 2017, at 19.34, Alexey Asemov (Alex/AT) <lists at alex-at.ru> wrote:
>
> I can confirm setting mail_max_userip_connections from database in userdb query *does not* work at all. User can still open multiple connection above the limit, seems like it has no effect. I thoroughly checked DB response and it contains proper field name/value.
>
> I am using dovecot 2.2.31.
>
> Also, I have mail_max_userip_connections set globally in the dovecot configuration file and wonder if this can interfere, but at least some other settings do not and so I doubt it's the cause.
Oh, right, I remembered that this setting wasn't handled until imap process started, but it's handled by login process. But what you could do if the user has a static IP:
remote 1.2.3.4 {
mail_max_userip_connections = 1
}
or even a static IP address space:
remote 1.2.3.0/24 {
mail_max_userip_connections = 1
}
> So for now I have to go with writing a policy server for that it seems :)
>
> I assume it does not work because user/IP limit is probably checked before parsing DB parameters.
> Maybe dovecot code can be adjusted somehow so it allows setting mail_max_userip_connections from userdb before it's processed?
Since it's login process, it would have to be returned by passdb lookup. But that's a lot of trouble for such a special use case.
More information about the dovecot
mailing list