[Dovecot] Dovecot "authentication failed" interaction with Postfix
Timo Sirainen
tss at iki.fi
Sat Sep 22 16:43:32 EEST 2007
On Sun, 2007-09-09 at 14:57 -1000, Julian Cowley wrote:
> password_query = SELECT username AS user, password, NULLIF(access != 0, 1) AS nologin, 'Access not allowed for this account' AS reason FROM mailbox WHERE username = '%u'
..
> While this second query works correctly with IMAP and POP authentication,
> it does not work with Postfix SMTP AUTH. Assuming the password is
> correct, the user is authenticated even when "access" is zero. It seems
> that either Postfix and/or dovecot-auth (I'm not sure which) is ignoring
> the "nologin" field in this case.
The "nologin" is kind of a hack. I don't think Postfix should even
support it. The correct way to implement this would be to use something
like:
SELECT username AS user, password, if(access!=0, NULL, 'Access not
allowed') AS reason WHERE username = '%u' AND access != 0;
This should fix Postfix, but I think Dovecot v1.0 doesn't like it then
(v1.1 does). If it doesn't, you can kludge around it with returning
"nologin" and:
.. AND (access != 0 or '%s' != 'smtp')
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070922/2784e32a/attachment-0001.bin
More information about the dovecot
mailing list