On 15/08/25, Odhiambo Washington via dovecot ([email protected]) wrote: > On Fri, Aug 15, 2025 at 5:39PM Rory Campbell-Lange > > <[email protected]> wrote: > > If you only have a single domain name, this should work. The method I am > using allows a larger scope. You can loging as user1 or user1@domain1, etc. > > If a user provides just "username" I run a query that tries to match it > against domain1, domain, 2, domainM. Whichever matches first is used.
I guess it might be a good idea to force a bare username to have a made up domain, such as example.com, to avoid the case where tom matches a tom in another domain and guesses pass123 is their password. I've tried to consider that situation in this example: https://github.com/rorycl/dovecot-config/tree/main/two-userdbs In SQL I guess that might mean doing something like running a query like `domain IN (${user|domain}, 'example.com')`, and ensuring all domain-less users are given that default domain in the users table. Rory _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
