IPv4/v6 based access checking and logging

julio covolato julio at psi.com.br
Fri Nov 12 18:51:20 UTC 2021


And a litle shell script to query data from db:


#!/bin/sh
#########################################################################################
# ex.: uso: dovecotLastLogin.sh -d 10
#       dovecotLastLogin.sh -u julio
#########################################################################################
# For Mysql postfixadmin database
#########################################################################################
MYSQL="mysql --login-path=vmail -Dvmail -t -e"
         case $1 in
         -d)
         DAYSAGO=`date --date="$2 days ago" +%s`
         $MYSQL "select 
username,last_login.domain,FROM_UNIXTIME(last_login) AS 
last_login,rip,proto,active FROM last_login INNER JOIN mailbox USING 
(username) WHERE last_login < '$DAYSAGO' ORDER BY 
mailbox.active,last_login;"
         ;;

         -u)
         $MYSQL "select 
username,last_login.domain,FROM_UNIXTIME(last_login) AS 
last_login,rip,proto,active FROM last_login INNER JOIN mailbox USING 
(username) WHERE username LIKE '%$2%' ORDER BY mailbox.active,last_login;"
         ;;

         *)
         echo
         echo " USO: dovecotLastLogin.sh [-d -u] [days user]"
         echo
         echo " -d --> All users whith no login in N days ago, ex.: 
dovecotLastLogin.sh -d 90"
         echo " -u --> Last login from user, ex.: dovecotLastLogin.sh -u 
user at domain.com"
         echo " List last login from ALL users from one domain: 
dovecotLastLogin.sh -u domain.com"
         echo " List lat login from ALL users: dovecotLastLogin.sh -u %"
         exit 1
         ;;
         esac
# End

----------------------------------
     _    Engº Julio Cesar Covolato
    0v0   <julio at psi.com.br>
   /(_)\  F: 55-11-99175-9260
    ^ ^   PSI INTERNET
----------------------------------

Em 12/11/2021 15:33, julio covolato escreveu:
>
> Em 12/11/2021 14:47, Lefteris Tsintjelis escreveu:
>> Hi,
>>
>> I am currently using postfix/dovecot with postfix admin and I track 
>> the last login date already by using this:
>>
>> https://doc.dovecot.org/configuration_manual/lastlogin_plugin/
>>
>> Besides last login date, I would like to also implement IPv4 and IPv6 
>> last login tracking also and if possible, IP based login checking. Is 
>> post-login scripting the best most efficient way to go?
>>
>> Regards,
>>
>> Lefteris
>
> Hi,
>
> This is my lastlogin config to track remote ip:
>
> dovecot.conf:
>
> dict {
>
>   lastlogin = mysql:/etc/dovecot/dovecot-last-login.conf
>   ....
> }
>
> dovecot-last-login.conf:
>
> connect = host=127.0.0.1 port=3306 dbname=vmail user=vmailadmin 
> password=XXXXXXXXXXXXXXX
>
> map {
>     pattern = shared/last-login/$user/$domain/$rip/$service
>     table = last_login
>     value_field = last_login
>     value_type = uint
>
>     fields {
>         username = $user
>         domain = $domain
>         rip = $rip
>         proto = $service
>     }
> }
>
> Mysql table last_login:
>
> +------------+--------------+------+-----+---------+-------+
> | Field      | Type         | Null | Key | Default | Extra |
> +------------+--------------+------+-----+---------+-------+
> | username   | varchar(255) | NO   | PRI |         |       |
> | domain     | varchar(255) | NO   | MUL |         |       |
> | last_login | int(11)      | YES  | MUL | NULL    |       |
> | rip        | varchar(16)  | NO   | MUL |         |       |
> | proto      | varchar(10)  | NO   |     | NULL    |       |
> +------------+--------------+------+-----+---------+-------+
>
> Hope this help!
>
> ----------------------------------
>     _    Engº Julio Cesar Covolato
>    0v0   <julio at psi.com.br>
>   /(_)\  F: 55-11-99175-9260
>    ^ ^   PSI INTERNET
> ----------------------------------
>


More information about the dovecot mailing list