Feature request: exclude IP/network in allow_nets extra field

Zhang Huangbin zhb at iredmail.org
Tue Apr 30 09:20:42 EEST 2019


> On Apr 30, 2019, at 11:21 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote:
> 
> On 29 Apr 2019, at 19:56, Zhang Huangbin via dovecot <dovecot at dovecot.org> wrote:
>> Recently we need to allow some users to login from everywhere except some IP/networks,
> 
> Can you use firewall rules for this?

I suppose not. We don't restrict ALL users this way, just few of them.
And the client IP addresses may change frequently, not static IPs.

>> how can we accomplish this with "allow_nets"?
> 
> Allow_nets specifies allowed networks. Doesn't say anything else about any other use.
> 
> "The allow_nets field is a comma separated list of IP addresses and/or networks where the user is allowed to log in from."

I understand what "allow" means. But it will be very handy to support something like "!a.b.c.d" to allow all but just exclude few IPs/networks. Isn't it? :)



More information about the dovecot mailing list