On Fri, 2009-04-10 at 16:49 +0400, Pavel Volkovitskiy wrote:
I'm trying to restrict imap logins to our internal network for several users, but this breaks dovecot delivery too
Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with "Error: Auth lookup returned failure"
If you return NULL, then dovecot-auth shouldn't even see the allow_nets. So you should be able to do something which checks if '%s' = deliver and then return NULL, otherwise return the actual allow_nets. Or instead of %s=deliver you could also check if the remote IP is known, '%r'=''.
If it's not working like that, set auth_debug=yes and post the logs.
i guess delivery lookups should be independent of allow_nets
I don't really like the idea of Dovecot doing that automatically.