Ángel González writes:
There are several things that the remote address would make possible, easier or have it as a prerequisite:* The authdaemon could be centrally logging who is requesting which account (not so interesting by itself)
This is already logged.Feb 23 21:13:46 monster imapd: LOGIN, user=mr...@courier-mta.com, ip=[::1], port=[60939], protocol=SMAP1
* The authdaemon could throttle abusing ips (something the services can't do, as they don't have such memory)
couriertcpd already supports per /24 and per IP address limits.
* Differenciating remote accesses and internal services (ie. webmail)... even if the webmail uses an imap backend.
Which has always been a poor way to implement webmail.
* Geographically limit access to the accounts (do you really access your account from several countries/continents?).
Why not?
PS: It indeed looked like a X Y problem request! I have answered enough misdirected questions to hope not to be completely off, though.
Well, the per-IP address differention is mostly related to the maximum number of simultaneous connections that are accepted, and that's handled by couriertcpd, not authdaemon.
couriertcpd is the best place to implement throttling, hence the controls. This is already actually implemented, but I keep forgetting to document it. So, now I documented it.
pgp4xDSIBEDuy.pgp
Description: PGP signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
