Hi All, I use dovecot (v2.3.4) with a SQL backend for user authentication, passwords are stored in CRAMMD5 format. My SMTP server uses "doveadm auth" via auth-socket to perform sender authentification. To shut down SMTP access for hacked passwords I want to have a dedicated flag in the user database to allow/disallow SMTP for a user withouth disabling his account for IMAP. So, is there any option to use a separate passdb definition or additional parameters by either setting this in socket definition of "service auth" or using "-x auth_info"? TIA Oliver -- Protect your environment - close windows and adopt a penguin! -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4222 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20200118/ececd265/attachment.p7s>
Hi, can't you just check "account_locked" or similar flag in the password_query and user_query on your sql config? Sami> On 18 Jan 2020, at 10.30, Oliver Welter <mail at oliwel.de> wrote: > > Hi All, > > I use dovecot (v2.3.4) with a SQL backend for user authentication, > passwords are > stored in CRAMMD5 format. > > My SMTP server uses "doveadm auth" via auth-socket to perform sender > authentification. To shut down SMTP access for hacked passwords I want > to have a dedicated flag in the user database to allow/disallow SMTP for > a user withouth disabling his account for IMAP. > > So, is there any option to use a separate passdb definition or > additional parameters by either setting this in socket definition of > "service auth" or using "-x auth_info"? > > > TIA > > Oliver > -- > Protect your environment - close windows and adopt a penguin! > >
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
You can also use %s to expand into service name. See
<a
href="https://doc.dovecot.org/configuration_manual/config_file/config_variables">https://doc.dovecot.org/configuration_manual/config_file/config_variables/</a>
</div>
<div>
<br>
</div>
<div>
Aki
</div>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 18/01/2020 15:24 Sami Ketola <
<a
href="mailto:sami.ketola@dovecot.fi">sami.ketola@dovecot.fi</a>>
wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
Hi,
</div>
<div>
<br>
</div>
<div>
can't you just check "account_locked" or similar flag in the
password_query and user_query on your sql config?
</div>
<div>
<br>
</div>
<div>
Sami
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 18 Jan 2020, at 10.30, Oliver Welter <
<a
href="mailto:mail@oliwel.de">mail@oliwel.de</a>> wrote:
</div>
<div>
<br>
</div>
<div>
Hi All,
</div>
<div>
<br>
</div>
<div>
I use dovecot (v2.3.4) with a SQL backend for user authentication,
</div>
<div>
passwords are
</div>
<div>
stored in CRAMMD5 format.
</div>
<div>
<br>
</div>
<div>
My SMTP server uses "doveadm auth" via auth-socket to perform
sender
</div>
<div>
authentification. To shut down SMTP access for hacked passwords I want
</div>
<div>
to have a dedicated flag in the user database to allow/disallow SMTP for
</div>
<div>
a user withouth disabling his account for IMAP.
</div>
<div>
<br>
</div>
<div>
So, is there any option to use a separate passdb definition or
</div>
<div>
additional parameters by either setting this in socket definition of
</div>
<div>
"service auth" or using "-x auth_info"?
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
TIA
</div>
<div>
<br>
</div>
<div>
Oliver
</div>
<div>
--
</div>
<div>
Protect your environment - close windows and adopt a penguin!
</div>
<div>
<br>
</div>
</blockquote>
</blockquote>
<div>
<br>
</div>
<div class="io-ox-signature">
<pre>---
Aki Tuomi</pre>
</div>
</body>
</html>