dovecot - Apr 2009 - allow_nets and deliver + userdb lookup

Hello!

I'm trying to restrict imap logins to our internal network for several 
users, but this breaks dovecot delivery too

Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with "Error: 
Auth lookup returned failure"

i'm running it as 'command = /usr/lib/dovecot/deliver -e -d 
"$local_part@$domain" -s' in exim.conf

i guess delivery lookups should be independent  of allow_nets

i'm  using dovecot 1.1.13 + managesieve patch

-- 
Pavel

On Fri, 2009-04-10 at 16:49 +0400, Pavel Volkovitskiy
wrote:
> I'm trying to restrict imap logins to our internal network for several 
> users, but this breaks dovecot delivery too
> 
> Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with
"Error:
> Auth lookup returned failure"
If you return NULL, then dovecot-auth shouldn't even see the allow_nets.
So you should be able to do something which checks if '%s' = deliver and
then return NULL, otherwise return the actual allow_nets. Or instead of
%s=deliver you could also check if the remote IP is known,
'%r'=''.

If it's not working like that, set auth_debug=yes and post the logs.
> i guess delivery lookups should be independent  of allow_nets
I don't really like the idea of Dovecot doing that automatically.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20090411/8f6d30ec/attachment-0002.bin>