Matus UHLAR - fantomas:
I have set up pam_abl to automatically block hosts and users from logging in.
Unfortunately, the hostname seems not to be visible in pam logs:

May  7 17:49:38 mail pam-abl[18692]: Blocking access from (null) to service 
smtp, user xxx

is it possible to pass connecting hostname to pam somehow?

On 07.05.20 13:07, Wietse Venema wrote:
Is this Cyrus SASL or dovecot SASL? Postfix passes the client info
to Dovecot and Cyrus.

cyrus 2.1.27, postfix 3.4.8 (debian 10)

I will look into it deeper.

smtpd_sasl_glue.c:

/* Yield addr unless it equals the "unknown" placeholder; then yield "". */
#define ADDR_OR_EMPTY(addr, unknown) \
    (strcmp((addr), (unknown)) != 0 ? (addr) : "")
/* Yield realm unless it is the empty string; then yield a null pointer. */
#define REALM_OR_NULL(realm) \
    ((realm)[0] != '\0' ? (realm) : (char *) 0)

   /*
    * Create the per-connection SASL server handle. The connection endpoints
    * are handed to the SASL backend as address and port strings; an endpoint
    * that still holds its *_UNKNOWN placeholder is passed as "" instead.
    * Only numeric address/port fields appear in this argument list; no
    * client hostname is passed here. Failure to create the handle is fatal.
    * NOTE(review): whether the backend forwards client_addr to PAM as the
    * remote host is not visible in this excerpt - confirm in the SASL
    * library / saslauthd configuration.
    */
   if ((state->sasl_server =
         XSASL_SERVER_CREATE(smtpd_sasl_impl, &create_args,
                            stream = state->client,
                            addr_family = state->addr_family,
                            server_addr = ADDR_OR_EMPTY(state->dest_addr,
                                                      SERVER_ADDR_UNKNOWN),
                            server_port = ADDR_OR_EMPTY(state->dest_port,
                                                      SERVER_PORT_UNKNOWN),
                            client_addr = ADDR_OR_EMPTY(state->addr,
                                                      CLIENT_ADDR_UNKNOWN),
                            client_port = ADDR_OR_EMPTY(state->port,
                                                      CLIENT_PORT_UNKNOWN),
                            service = var_smtpd_sasl_service,
                          user_realm = REALM_OR_NULL(var_smtpd_sasl_realm),
                            security_options = sasl_opts_val,
                            tls_flag = tls_flag)) == 0)
       msg_fatal("SASL per-connection initialization failed");

xsasl_cyrus_server.c

   /*
    * Build the "address;port" strings for the local and remote endpoints.
    * If either the address or the port is the empty string, the result is
    * a null pointer, so no endpoint is reported for that side.
    * NOTE(review): concatenate() presumably returns newly allocated memory
    * that is released elsewhere - confirm in the full function.
    */
   server_addr_port = (*args->server_addr && *args->server_port ?
                       concatenate(args->server_addr, ";",
                                   args->server_port, (char *) 0) : 0);
   client_addr_port = (*args->client_addr && *args->client_port ?
                       concatenate(args->client_addr, ";",
                                   args->client_port, (char *) 0) : 0);
        ...

   /*
    * Create the Cyrus SASL connection object, passing the service name,
    * var_myhostname, the realm (or NO_AUTH_REALM), and the local and remote
    * "address;port" strings built above. client_addr_port may be null when
    * the client address or port was unknown, in which case the library
    * receives no remote endpoint. On any status other than SASL_OK, log a
    * warning and return 0 through the error-return macro.
    */
   if ((sasl_status =
        SASL_SERVER_NEW(args->service, var_myhostname,
                        args->user_realm ? args->user_realm : NO_AUTH_REALM,
                        server_addr_port, client_addr_port,
                        NO_SESSION_CALLBACKS, NO_SECURITY_LAYERS,
                        &sasl_conn)) != SASL_OK) {
       msg_warn("SASL per-connection server initialization: %s",
                xsasl_cyrus_strerror(sasl_status));
       XSASL_CYRUS_SERVER_CREATE_ERROR_RETURN(0);
   }

xsasl_dovecot_server.c:

   /* Store a copy (via mystrdup) of the client address on the server handle; it is sent as rip= in the AUTH request. */
   server->client_addr = mystrdup(args->client_addr);
        ....
       /*
        * Write the AUTH request to the Dovecot auth stream: request id,
        * SASL method, then TAB-separated fields. lip= carries the server
        * (local) address and rip= carries the client (remote) address, so
        * the auth backend sees the connecting IP address.
        * NOTE(review): the values are interpolated into a TAB-delimited
        * line; this assumes none of them can contain TAB or newline
        * characters - confirm they are validated before this point.
        */
       vstream_fprintf(server->impl->sasl_stream,
                       "AUTH\t%u\t%s\tservice=%s\tnologin\tlip=%s\trip=%s",
                       server->last_request_id, sasl_method,
                       server->service, server->server_addr,
                       server->client_addr);

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Despite the cost of living, have you noticed how popular it remains?
