On Sun, Feb 21, 2016 at 04:20:07AM +0200, Timo Sirainen wrote:
> How about:
>
> passdb {
> driver = passwd-file
> args = username_format=%l /etc/dovecot/passwd.domains
> result_success = continue
> }
>
> passdb {
> .. the real passdb for authentication ..
> }
>
> Where /etc/dovecot/passwd.domains contains:
>
> 10.0.0.100:::::domain=foo.org
> 10.0.0.101:::::domain=bar.org
>
> So the first passdb lookup would set the domain based on IP and then continue
> for the actual authentication. Or if you don't want it to override an
> explicit user@domain authentication, this should also work:
>
> 10.0.0.100:::::domain:protected=foo.org
> 10.0.0.101:::::domain:protected=bar.org
>
> Not tested, but should work I think. At least with new enough Dovecot
> versions.
Sounds promising, thanks for the idea. My current problem is that
passwd.domains "authentication" now fails because user1's password
doesn't match the "empty field" corresponding to
10.0.0.100:::::domain=foo.org
I get:
auth: Info: passwd-file(user1,<remote-ip>,<session>): unknown user
auth: Info: passwd-file(user1,<remote-ip>,<session>): Password mismatch
Hmm, "result_failure = continue" doesn't seem to help, either...
Thanks,
--Gabriel
