Hi,
I think this i wrong.
With that command you catch all _established_ connections. If I just
connect to 993/143 WITHOUT auth, I will have a smtp connection open.
Il 16/08/2022 22:46, Antonio Leding ha scritto:
At the risk of being pedestrian, I just use something like |sudo netstat
-an | grep ‘:[ IMAP_PORT ]’|
I’m pretty sure you thought of this but still, thought I would toss it out…
Cheers
------------------------------------------------------------------------
On 16 Aug 2022, at 13:15, Jaroslaw Rafa wrote:
Hello Dovecot community,
I have a question: is it possible to programmatically get from
Dovecot a
list of currently active IMAP sessions (with IP addresses)? Via a
plugin or
something?
Or just check if there is an IMAP session currently open from a
particular IP
address, with true/false type answer?
I'm planning to implement a policy service for *Postfix* that will
revive
the old "POP before SMTP" authorization concept (only it will be "IMAP
before SMTP" this time). This policy service will reject connections to
mail submission ports (465, 587) - without even going to SMTP AUTH
phase -
unless the connecting IP address has currently an IMAP session open to
Dovecot, to mitigate SMTP AUTH attacks.
But for this I need some way to check from within this policy
service if the
particular IP address has a connection open or not. It could be of
course
obtained by scanning Dovecot logs, but this involves quite a large
overhead.
Therefore I'm looking for the way to get this information directly from
Dovecot's current state.
Can you advise me of any way to do this?
Or maybe someone has already written such a piece of software and it is
available somewhere on the Net?
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know:
once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
--
###############################
# Cristiano Deana #
# #
# Senior Network Engineer #
# Digital Response Team #
# CittaStudi S.p.a. #
# off. +39 015 855 1172 #
# cell +39 328 310 6392 #
###############################