similar to: Dovecot + SASL + allow_nets

Hi, I'm using dovecot on debian etch: ||/ Name Version ii dovecot-common 1.0.rc15-2etch1 ii dovecot-imapd 1.0.rc15-2etch1 ii dovecot-pop3d 1.0.rc15-2etch1 # dovecot --version 1.0.rc15 Now here is my question. Some of the mail users may only login from the LAN, while others can login from the LAN and the internet. I've read about

Hi, I'm using debian sarge on my server and connected a MGE-ups ellipse via the serial port. I searched the internet for the answer, but can't find it. My config files: <upsd.users> [admin] password = pwd allowfrom = 127.0.0.1/32 actions = set instcmds = all [upsmon] password = pwd allowfrom = 127.0.0.1/32 10.0.0.224/32 upsmon master [upsslave] password

Hi, I have the following configuration in my dovecot.conf for Dovecot 2.2.21: passdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = allow_nets=local,127.0.0.1,10.255.1.0/24 } This triggers "auth: Panic" on POP3/IMAP logins as the below: Dec 22 14:57:39 localhost dovecot: auth: ldap(u0000,::1,<oiF8SHYngqsAAAAAAAAAAAAAAAAAAAAB>): allow_nets:

Dear all, We use `allow_nets`[1] to restrict login clients, it works fine. Recently we need to allow some users to login from everywhere except some IP/networks, how can we accomplish this with "allow_nets"? Tried allow_nets="!a.b.c.d", but Dovecot reports error "allow_nets: Invalid network '!a.b.c.d'". Can we have this feature? i guess it should be done

Hi, I've just started trying allow_nets on one of my servers. I have auth_debug and auth_verbose both enabled and the output is as follows: Oct 28 13:05:48 mink dovecot: auth-worker(default): auth(user at domain.net,x.x.x.x): allow_nets: Matching for network 127.0.0.1/8 Oct 28 13:05:48 mink dovecot: auth-worker(default): auth(user at domain.net,x.x.x.x): allow_nets: Matching for network

Hi. I want to use allow_nets in my configuration, but i have some troubles which i cant resolve. To use allow_nets i creates `allow_nets` text field in my mysql users table. My query is: from: dovecot/sql.conf: password_query = SELECT crypt as password, maildir as userdb_mail, 6 AS userdb_uid,6 AS userdb_gid, allow_nets FROM users WHERE id = '%u' from dovecot.conf: auth default {

Hello! I'm trying to restrict imap logins to our internal network for several users, but this breaks dovecot delivery too Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with "Error: Auth lookup returned failure" i'm running it as 'command = /usr/lib/dovecot/deliver -e -d "$local_part@$domain" -s' in exim.conf i guess delivery lookups should

Hello, Im using Ubuntu 8.10 with Dovecot 1.0.10. I am using passwd files, not a MySQL database. I have 2 files, a "users" file, and a "passwd" file. I have added: allow_nets=10.1.10.1 to the end of a specific users entry in the users file. When that user tries to login, I get the following in the logs: dovecot: 2009-02-28 09:06:59 Error: IMAP(bob at mydomain.com):

> On Apr 30, 2019, at 11:21 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote: > > On 29 Apr 2019, at 19:56, Zhang Huangbin via dovecot <dovecot at dovecot.org> wrote: >> Recently we need to allow some users to login from everywhere except some IP/networks, > > Can you use firewall rules for this? I suppose not. We don't restrict ALL users this way,

Hello all i have postfix running with dovecot-sasl and mysql as a backend. It all runs good. I run into trouble as where outlook 2003 fails to authenticate when sending e-mail. I have thunderbird outlook2007 and 2003 clients. The tunderbird and 2007 clients are working OK, the outlook2003 client get the relay access denied message. In the postfix log i see it is not initiating sasl they all

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I use the allow_nets password extra field [0] for my users. Is there a way to use this functionality for ALL users, and not to edit my passwd-file every time a new user is added ? The alternative i am working for this is the TCP Wrappers. [0]: http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets -----BEGIN PGP SIGNATURE----- Version: GnuPG

This was brought up in 2014, and left without conclusion, so I thought it would be time to bump it :) I would love a way to do allow_nets based on an RBL check, could this be added to the feature-list? https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets Thanks -- Tom

I use Dovecot for SASL authentication from Postfix. In Postfix main.cf I have: smtpd_sasl_type = dovecot It works good, but now I need to allow users to connect by IMAP only from given IP adresses. I've added extra field allow_nets to passdb in Dovecot, and IMAP authentication works fine. But now I can't connect to my SMTP server because when smtpd ask dovecot about user

Hello all, I am testing my dovecot installation in order to restrict access via POP3 for IPs outside my network. I have read and understood the instructions in the wiki and I have reached a configuration that works ONLY when single IPs are listed in allow_nets but not when ranges in the notation x.x.x.x/y are listed. Some examples should be more explanatory. I am using 1.0.rc15 patched as

Hello, I'm playing with allow_nets function. It is really cool! In a filebased passwd backend you simply add "allow_nets=192.0.2.143/32" as mentioned in http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets But if I use an LDAP backend it looks different. Following http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds and

Hello, i am running dovevot 2.0.5 using ldap authentication with the allow_nets paramter to limit access to some local networks. The problem is, when i want to use the local lmtp socket from postfix *virtual_transport = lmtp:unix:private/dovecot-lmtp * i get the follwing error: *Oct 21 15:48:03 auth: Info: passdb(username): allow_nets check failed: Remote IP not known *When using the TCP

Hi, I'm wanting to implement allow_nets so that some users can be limited to only use webmail while others can use client or webmail access. Adding the sql to pull a list of IPs/ranges for webmail only users was easy enough. For the users that are allowed to access from anywhere, do I need to specify 0.0.0.0/0 or something or can I just let the sql query return a blank field? Thanks Guy --

I've tried to setup Postfix to use SASL, but it still doesn't seem to be working with Dovecot. I've set things up based on these instructions: http://wiki.dovecot.org/HowTo/SimpleVirtualInstall http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL http://wiki.dovecot.org/LDA I've compiled Postfix with Dovecot SASL and SSL/TLS support. The problems I'm seeing in Postfix are:

Hello, Zhang. You can easily do this without a new feature in Dovecot. - Create a post login script, for instance, in bash. - install grepcidr on your server. Your post login script can use grepcidr to check for white or black list. https://wiki.dovecot.org/PostLoginScripting I have implemented this myself on a small open source project, I can send you the links of you want. Andr?. Tue Apr

Hello all, I am struggeling to get my Dovecot SASL to work within postfix. I have used the configuration example listed on the main-site of dovecot and it basically isn't giving me any success at all. I am probably missing something easy, but after spending a few days testing and walking through everything I could think about I thought figured it was better to ask :) Hope someone can point me