This bug is finally fixed: http://hg.dovecot.org/dovecot-1.1/rev/e76f93b48187
On Tue, 2008-10-28 at 13:55 +0000, Guy wrote: > Hi, > > I've just started trying allow_nets on one of my servers. I have > auth_debug and auth_verbose both enabled and the output is as follows: > Oct 28 13:05:48 mink dovecot: auth-worker(default): > auth(u...@domain.net,x.x.x.x): allow_nets: Matching for network > 127.0.0.1/8 > Oct 28 13:05:48 mink dovecot: auth-worker(default): > auth(u...@domain.net,x.x.x.x): allow_nets: Matching for network > 10.0.7.176/28 > Oct 28 13:05:48 mink dovecot: auth-worker(default): > passdb(u...@domain.net,x.x.x.x): allow_nets check failed: IP not in > allowed networks > Oct 28 13:05:50 mink dovecot: auth(default): client out: FAIL 1265 > user=usern...@aluminati.net > Oct 28 13:05:50 mink dovecot: auth(default): > cache(u...@domain.net,x.x.x.x): hit: <hidden> > user=u...@domain.net > Oct 28 13:05:50 mink dovecot: auth(default): client out: OK 1266 > user=u...@domain.net > > auth_cache_ttl is set to 300. If I set it to 1 then the allow_nets > successfully rejects. Once I set it back up to 300 the cache overrides > the result from the allow_nets check and let's the account log in even > though the allow_nets check fails. > > I've tried waiting for longer than the 300 seconds and then logged in > again, but I still get the same result as above. > > Is there a gotcha that I'm unaware of or have I done something stupid > (which seems the most likely :P)? > > Thanks > Guy >
signature.asc
Description: This is a digitally signed message part
