On Mon, Aug 16, 2004 at 11:15:37AM +0200, Andreas Aardal Hanssen quoth: > On Sun, 15 Aug 2004, Henry Baragar wrote: > >Create a script similar to the following: > > #! /bin/sh > > logger "bincimapd $BINCIMAP_USERID authenticated from $TCPREMOTEIP" > > exec $@ > >Add this script to the binc command chain between your checkpassword and > >bincimapd commands. > >You may need to replace TCPREMOTEIP if you are not using tcpserver. Of > >course, you can change the message to whatever you like. > > Good one, Henry. That's the Binc way of doing it. And David: I hope this > solved your problem!
Based on a private conversation off-list, I think there's a more direct
method of doing this that does not waste I/O logging (nor CPU-time
parsing logs), which I'm posting here for posterity.
Postfix uses a hash file of some sort to keep track of what hosts have
authenticated and should be allowed through. A standard line in the
/etc/postfix/main.cf file would look something like this:
smtpd_recipient_restrictions = permit_mynetworks,
reject_non_fqdn_recipient,
check_client_access hash:/etc/postfix/pop-before-smtp,
check_relay_domains
Instead of using "logger" to log the remote IP address, you can
manipulate that hash file directly. Something along the lines of:
#!/bin/sh
addtohash $TCPREMOTEIP /etc/postfix/pop-before-smtp
exec $@
Just thought it might save somebody some time if they're looking for
ways to speed up a sluggish bincimap/postfix server.
~Kyle
--
Believe nothing, no matter where you read it or who has said it, unless it
agrees with your own reason and your own common sense.
-- Buddha
pgp1pMKXUVekL.pgp
Description: PGP signature
