Postlogin script

Aki Tuomi aki.tuomi at dovecot.fi
Fri Nov 10 13:13:05 EET 2017


You could also have used allow_nets passdb field.
https://wiki2.dovecot.org/PasswordDatabase/ExtraFields

Aki


On 10.11.2017 12:45, j.emerlik wrote:
> Thx, prips works as I expected, gr8 tool, not available in Gentoo repository
> but after compilation Dovecot doing what I wanted.
> Regards,
> Jack
>
> 2017-11-09 21:19 GMT+01:00 Gedalya <gedalya at gedalya.net>:
>
>> A bit clunky but perhaps you could find another command.
>>
>> https://packages.debian.org/stretch/netmask
>>
>> $ IP=172.11.0.28
>> $ if [ "$(netmask -n $IP/24)" == "     172.11.0.0/24" ]; then echo OK; fi
>> OK
>> $ IP=172.12.0.11
>> $ if [ "$(netmask -n $IP/24)" == "     172.11.0.0/24" ]; then echo OK; fi
>> $
>>
>> Range:
>>
>> https://packages.debian.org/stretch/prips
>>
>> $ IP=172.11.0.28
>> $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi
>> 172.11.0.28
>> OK
>> $ IP=172.11.0.66
>> $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi
>>
>>
>> On 11/09/2017 11:12 AM, j.emerlik wrote:
>>> Hi,
>>> I would like to prepare postlogin a script that allow imap connection to
>>> roundcube for all but restrict imap access for selected users.
>>>
>>> My question is that:
>>>
>>> Is possible in condition IF use IP addresses as range or with mask
>> (because
>>> I've more than one web servers) ?
>>>
>>> My script:
>>>
>>> #!/bin/sh
>>> if [ "$IP" = "172.11.0.28" ] ; then
>>>   printf "* [ALERT] Access allowed from that IP\r\n"
>>>   exec "$@"
>>> fi
>>>
>>> CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U
>>> someuser -d maildb -c "select imap_allowed from __users where name =
>>> '$USER' LIMIT 1"`
>>>
>>> if [ $CHECK_USER == "f" ] ; then
>>> exit 0
>>> fi
>>>
>>> if [ $CHECK_USER == "t" ] ; then
>>> exec "$@"
>>> fi
>>>
>>> Regards,
>>> Jack
>>
>>



More information about the dovecot mailing list