No, it's entirely my own. If all you want to do is write client IP addresses to a database then your script will probably fit in 20 lines of code or so. On 10/20/2017 05:04 PM, j.emerlik wrote:> Which one policy server are you using ? > Someone from that list : http://www.postfix.org/addon.html > > 2017-10-20 16:53 GMT+02:00 Gedalya <gedalya at gedalya.net>: > >> On 10/20/2017 04:50 PM, j.emerlik wrote: >> >> I understand that Dovecot SASL does not support the Post-Login scripts. >> Yea, perhaps not. The concept it follows for POP3/IMAP is a wrapper for >> the executable launched to perform the actual service, and there is no such >> service when dovecot is only a SASL auth server for an external program. >> >> On the other hand a postfix policy server can let you record a lot of >> detail about SMTP activity: messages sent, sender/recipient addresses, and >> client addresses of course. >> >> I might be able to help with putting such a script together, time >> permitting :-) >>
Dovecot auth supports auth_policy_server (v2.2.27+, https://wiki.dovecot.org/Authentication/Policy), which you could use for this. There is also https://github.com/PowerDNS/weakforced you can use as policy server, which can also do ratelimiting and such. It also integrates with postfix. Aki> On October 20, 2017 at 6:12 PM Gedalya <gedalya at gedalya.net> wrote: > > > No, it's entirely my own. > If all you want to do is write client IP addresses to a database then your script will probably fit in 20 lines of code or so. > > > On 10/20/2017 05:04 PM, j.emerlik wrote: > > Which one policy server are you using ? > > Someone from that list : http://www.postfix.org/addon.html > > > > 2017-10-20 16:53 GMT+02:00 Gedalya <gedalya at gedalya.net>: > > > >> On 10/20/2017 04:50 PM, j.emerlik wrote: > >> > >> I understand that Dovecot SASL does not support the Post-Login scripts. > >> Yea, perhaps not. The concept it follows for POP3/IMAP is a wrapper for > >> the executable launched to perform the actual service, and there is no such > >> service when dovecot is only a SASL auth server for an external program. > >> > >> On the other hand a postfix policy server can let you record a lot of > >> detail about SMTP activity: messages sent, sender/recipient addresses, and > >> client addresses of course. > >> > >> I might be able to help with putting such a script together, time > >> permitting :-) > >>
Aha. Looks pretty cool, and it's really nice that it supports HTTP. On the other hand if I'm rate limiting the number of messages sent = number of times a client said RCPT TO, I guess it still has to be a postfix policy server? Anyway, thanks for pointing this out, I'm sure I'll use it :-) On 10/21/2017 02:16 PM, Aki Tuomi wrote:> Dovecot auth supports auth_policy_server (v2.2.27+, https://wiki.dovecot.org/Authentication/Policy), which you could use for this. There is also https://github.com/PowerDNS/weakforced you can use as policy server, which can also do ratelimiting and such. It also integrates with postfix. > > Aki > >> On October 20, 2017 at 6:12 PM Gedalya <gedalya at gedalya.net> wrote: >> >> >> No, it's entirely my own. >> If all you want to do is write client IP addresses to a database then your script will probably fit in 20 lines of code or so. >> >> >> On 10/20/2017 05:04 PM, j.emerlik wrote: >>> Which one policy server are you using ? >>> Someone from that list : http://www.postfix.org/addon.html >>> >>> 2017-10-20 16:53 GMT+02:00 Gedalya <gedalya at gedalya.net>: >>> >>>> On 10/20/2017 04:50 PM, j.emerlik wrote: >>>> >>>> I understand that Dovecot SASL does not support the Post-Login scripts. >>>> Yea, perhaps not. The concept it follows for POP3/IMAP is a wrapper for >>>> the executable launched to perform the actual service, and there is no such >>>> service when dovecot is only a SASL auth server for an external program. >>>> >>>> On the other hand a postfix policy server can let you record a lot of >>>> detail about SMTP activity: messages sent, sender/recipient addresses, and >>>> client addresses of course. >>>> >>>> I might be able to help with putting such a script together, time >>>> permitting :-) >>>>