[Dovecot] allow_nets overridden by cache
Timo Sirainen
tss at iki.fi
Wed Oct 29 18:39:09 EET 2008
On Tue, 2008-10-28 at 13:55 +0000, Guy wrote:
> auth_cache_ttl is set to 300. If I set it to 1 then the allow_nets
> successfully rejects. Once I set it back up to 300 the cache overrides
> the result from the allow_nets check and let's the account log in even
> though the allow_nets check fails.
>
> I've tried waiting for longer than the 300 seconds and then logged in
> again, but I still get the same result as above.
What Dovecot version? Post your dovecot -n output? Seems to work fine
with the almost-v1.1.6 (and I don't remember doing changes related to
this for a long time):
client in: AUTH 5 PLAIN service=imap secured lip=127.0.1.1 rip=127.0.1.1 lport=143 rport=49704 resp=AHRzcwBwYXNz
cache(tss,127.0.1.1): hit: {plain}pass allow_nets=127.0.0.1
auth(tss,127.0.1.1): allow_nets: Matching for network 127.0.0.1
passdb(tss,127.0.1.1): allow_nets check failed: IP not in allowed networks
client out: FAIL 5 user=tss
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20081029/5582e4c1/attachment-0001.bin
More information about the dovecot
mailing list