search for: gvxzhcspftgseqed

...myuser>, method=PLAIN, rip=myip, lip=myip, TLS, session=<M1JtpiSPGNOsEQED> on the backend: imap-login: Error: proxy(myuser): Login for imap.myserver.lan:993 timed out in state=/none (after 30 secs, local=myip:47622): user=<myuser>, method=PLAIN, rip=myip, lip=myip, TLS, session=<gVxZhCSPftGsEQED> imap-login: Info: Disconnected (no auth attempts in 30 secs): user=<>, rip=myip, lip=imap.myserver.lan, TLS handshaking: SSL_accept() syscall failed: Success, session=<7XIkhiSPBrpfrWbS>

Dear All, Is it possible to make any authorization (eg. checking of group membership) in case of GSSAPI authentication? Our dovecot authenticates the users against PAM and GSSAPI. In the PAM file I'm able to check if a user is a member of a selected (e.g mailreader) group. If the user is member, he can login otherwise not (see below). If the user has a valid Kerberos ticket and he