Feature request: exclude IP/network in allow_nets extra field
@lbutlr
kremels at kreme.com
Tue Apr 30 12:39:11 EEST 2019
On 30 Apr 2019, at 00:20, Zhang Huangbin via dovecot <dovecot at dovecot.org> wrote:
> On Apr 30, 2019, at 11:21 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote:
>>
>> On 29 Apr 2019, at 19:56, Zhang Huangbin via dovecot <dovecot at dovecot.org> wrote:
>>> Recently we need to allow some users to login from everywhere except some IP/networks,
>>
>> Can you use firewall rules for this?
>
> I suppose not. We don't restrict ALL users this way, just few of them.
This iOS sounding odder and odder.
> And the client IP addresses may change frequently, not static IPs.
And? How is that an issue? Either way you are going to have to change a configuration. At least with a fireball, you don't have to reload dovecot each time.
>>> how can we accomplish this with "allow_nets"?
>>
>> Allow_nets specifies allowed networks. Doesn't say anything else about any other use.
>>
>> "The allow_nets field is a comma separated list of IP addresses and/or networks where the user is allowed to log in from."
>
> I understand what "allow" means. But it will be very handy to support something like "!a.b.c.d" to allow all but just exclude few IPs/networks. Isn't it? :)
I cannot imagine a case where I would find this useful, no.
--
"You never really understand a person until you see things from his
point of view, until you climb inside of his skin and walk around in
it."
More information about the dovecot
mailing list