I just spent a bit puzzling over "login_trusted_networks". My problem was using "10.1.2/24" instead of "10.1.2.0/24". Here are some things I looked for during troubleshooting that didn't pan out: (1) No messages printed to syslog. (2) Search for "login_trusted_networks" on the Wiki (wiki2) failed. (3) Comments in example config file didn't specify expected format. Anyway, it works now. <shrug> - Don =================='doveconf -n' (redacted):> *[root at postal ~]# **doveconf -n* > # 2.0.8: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.9-67.0.1.ELsmp i686 Red Hat Enterprise Linux WS > release 4 (Nahant Update 6) ext3 > auth_username_format = %Lu > auth_verbose = yes > auth_verbose_passwords = sha1 > login_log_format_elements = user=<%u> service=%Us method=%m rip=%r > lip=%l mpid=%e %c > login_trusted_networks = xx.xx.x.0/24 xx.xx.xx.0/23 > mail_location = maildir:/Virtual_Users/%u/Mail > passdb { > driver = pam > } > passdb { > args = scheme=CRYPT username_format=%u /etc/dovecot/users > driver = passwd-file > } > ssl_ca = </etc/dovecot/ssl/iMove_2011_CAcert.pem > ssl_cert = </etc/dovecot/ssl/postal_cert.pem > ssl_key = </etc/dovecot/ssl/postal_key+req.pem > ssl_key_password = ******** > ssl_parameters_regenerate = 12 > userdb { > driver = passwd > } > userdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > } > verbose_proctitle = yes > protocol imap { > ssl_cert = </etc/dovecot/ssl/imap_cert.pem > ssl_key = </etc/dovecot/ssl/imap_key+req.pem > ssl_key_password = </etc/dovecot/ssl/imap.pw > } > protocol pop3 { > ssl_cert = </etc/dovecot/ssl/pop3_cert.pem > ssl_key = </etc/dovecot/ssl/pop3_key+req.pem > ssl_key_password = </etc/dovecot/ssl/pop3.pw > } > *[root at postal ~]#*
On Thu, 2011-01-06 at 11:14 -0800, Don Buchholz wrote:> I just spent a bit puzzling over "login_trusted_networks". My problem > was using "10.1.2/24" instead of "10.1.2.0/24". > > Here are some things I looked for during troubleshooting that didn't > pan out: > > (1) No messages printed to syslog.This happens because libc's inet_aton() translates 1.2.3 to 1.2.0.3 (and similarly 1.2 to 1.0.0.2). I'd rather not add my own checks to prevent this.