Connection and login scripts callback
Stanislav Humplík
sh at analogic.cz
Thu Sep 27 10:45:29 EEST 2018
Hello,
currently there is very handy post-login scripting already implemented
but it naturally executes only when successful login happens. I would
like to have another two script callbacks which runs:
1. immediately after client connects to server - dovecot should run
script with connection IP and wait for result and then reject/accept
connection with return message accordingly.
2. after failed login - dovecot should exec script with connection IP,
login params without waiting for result
The main reason behind this idea is to use some logic, database
(redis...) or indicators like GeoIP, p0f as bruteforce prevention. It
might be also usable for IP based ACLs.
AFAIK the only way to create something similar is to proxy whole
authentication to some external process, which is not desirable when
dovecot manages user database.
SH
More information about the dovecot
mailing list