On 03/01/2015 06:34 PM, Benny Pedersen wrote:>> The other side of this equation, Postfix, has had this capability >> for years. Why it hasn't been added to dovecot is a mystery. It's >> the only thing (really, the ONLY thing!) that I dislike about dovecot. > > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets > > then setup fail2ban to manage extrafieldsNow that's a very interesting idea, thank you! I will investigate this. -Dave -- Dave McGuire, AK4HZ/3 New Kensington, PA
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 2 Mar 2015, Dave McGuire wrote:> On 03/01/2015 06:34 PM, Benny Pedersen wrote: >>> The other side of this equation, Postfix, has had this capability >>> for years. Why it hasn't been added to dovecot is a mystery. It's >>> the only thing (really, the ONLY thing!) that I dislike about dovecot. >> >> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >> >> then setup fail2ban to manage extrafields > > Now that's a very interesting idea, thank you! I will investigate this.Does allownets support negative CIDRs? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVPQfMXz1H7kL/d9rAQLP6Qf+KLmEwyVugxT5iXYRK5mVES5L8fsyKIM+ nZR0hMO2N2Aq30Sq6GFRc1+pJoICzP8t20X0yrOgR0pG7CfIIOwH6s/Z9RsBpFW6 WtuqPwRf5/K/KcL2IslIrvjvoYSuzlw4ny7/fLfBIwtuqlnIRhZz8L9CGAMmDWnK cPK2+qNDMGMDk9ueeriklO//BdvFcvlE9Rz/NlsmmbLXzXDN2OQdO9SqV67y7sIA pb7JSr+O2WNAIROm1tccTW22Z1YIYKjOboOHLCNr0MlPL8QDPDrSuy+z7gQpXtCC BDjXba2R/nWBAbwUR/+mJzErShCw48eERCCr7EGjQWYqd6+NHHgl6A==xYN/ -----END PGP SIGNATURE-----
On March 2, 2015 9:28:16 AM Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:> Does allownets support negative CIDRs?if order of ips is done in listed order imho yes Example:?allow_nets=127.0.0.0/8,192.168.0.0/16,!1.2.3.4,4.5.6.7 deny 1.2.3.4 but allow all others listed pr user this does not work with pam pr user, but allownets is genric pr login user if fields are in auth db