Hi, I am currently using postfix/dovecot with postfix admin and I track the last login date already by using this: https://doc.dovecot.org/configuration_manual/lastlogin_plugin/ Besides last login date, I would like to also implement IPv4 and IPv6 last login tracking also and if possible, IP based login checking. Is post-login scripting the best most efficient way to go? Regards, Lefteris
If yore gonna check for IP, you should do it in pre-login so you can reject the username/password combo if the registred IP of account does not match.But guess its better to write a custom login handler for that, that also checks user's ip against database, in addition to username/password, and tells client username/password is wrong if IP is unauth.. -------- Originalmeddelande --------Fr?n: Lefteris Tsintjelis <lefty at spes.gr> Datum: 2021-11-12 18:48 (GMT+01:00) Till: dovecot at dovecot.org ?mne: IPv4/v6 based access checking and logging Hi,I am currently using postfix/dovecot with postfix admin and I track the last login date already by using this:https://doc.dovecot.org/configuration_manual/lastlogin_plugin/Besides last login date, I would like to also implement IPv4 and IPv6 last login tracking also and if possible, IP based login checking. Is post-login scripting the best most efficient way to go?Regards,Lefteris -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20211112/b7f5a1cc/attachment.html>
Em 12/11/2021 14:47, Lefteris Tsintjelis escreveu:> Hi, > > I am currently using postfix/dovecot with postfix admin and I track > the last login date already by using this: > > https://doc.dovecot.org/configuration_manual/lastlogin_plugin/ > > Besides last login date, I would like to also implement IPv4 and IPv6 > last login tracking also and if possible, IP based login checking. Is > post-login scripting the best most efficient way to go? > > Regards, > > LefterisHi, This is my lastlogin config to track remote ip: dovecot.conf: dict { ? lastlogin = mysql:/etc/dovecot/dovecot-last-login.conf ? .... } dovecot-last-login.conf: connect = host=127.0.0.1 port=3306 dbname=vmail user=vmailadmin password=XXXXXXXXXXXXXXX map { ??? pattern = shared/last-login/$user/$domain/$rip/$service ??? table = last_login ??? value_field = last_login ??? value_type = uint ??? fields { ??????? username = $user ??????? domain = $domain ??????? rip = $rip ??????? proto = $service ??? } } Mysql table last_login: +------------+--------------+------+-----+---------+-------+ | Field????? | Type???????? | Null | Key | Default | Extra | +------------+--------------+------+-----+---------+-------+ | username?? | varchar(255) | NO?? | PRI |???????? |?????? | | domain???? | varchar(255) | NO?? | MUL |???????? |?????? | | last_login | int(11)????? | YES? | MUL | NULL??? |?????? | | rip??????? | varchar(16)? | NO?? | MUL |???????? |?????? | | proto????? | varchar(10)? | NO?? |???? | NULL??? |?????? | +------------+--------------+------+-----+---------+-------+ Hope this help! ---------------------------------- _ Eng? Julio Cesar Covolato 0v0 <julio at psi.com.br> /(_)\ F: 55-11-99175-9260 ^ ^ PSI INTERNET ----------------------------------