[Dovecot] Last login tracking with login_executable

Denny Lin dennylin93 at hs.ntnu.edu.tw
Sun Nov 7 05:29:44 EET 2010

On Thu, Oct 14, 2010 at 03:38:04PM +0100, Ed W wrote:
>  On 14/10/2010 15:04, Denny Lin wrote:
> >
> >I was wondering if it would be possible to read the username/password
> >from a Dovecot config file (like userdb/passdb/quota/expire) instead of
> >using my.cnf.
> In that case I think just creating a script with the password in it, 
> which is itself called from login process does what you need? (As Timo 
> just said)
> In Dovecot 2 there is a move to splitting the config files up to a 
> greater extent, so I think it can be seen really as an extension of that 
> if you have one more file knocking around?
> However, do still remember that you should almost certainly create a 
> separate database user for this task - this user can then be locked down 
> (eg only insert access to a single table) and in that way there is a 
> limit to the damage they could do even if the password were compromised?
> I like people who think about security though - please consider writing 
> up your final solution on that page of the wiki so that there is a "best 
> practice" solution on there?

Sorry for the late reply. I've been very busy recently (filling out
university applications). In the end I decided to use Timo's solution as
it seems like the best one.

Thanks for all the advice and suggestions.

Denny Lin

More information about the dovecot mailing list