> On 17 Oct 2018, at 20.09, bes <bes.inter...@gmail.com> wrote: > > Refer to > https://dovecot.org/pipermail/dovecot/2015-March/099971.html > https://wiki.dovecot.org/PasswordDatabase > I tried to repeat the same thing. > Set these passdb: > > passdb { > args = /myscript.sh ip=%r > driver = checkpassword > result_failure = return-fail > result_success = continue > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext ( my working auth method ) > driver = sql > } > > Created executable /myscript.sh: > #!/bin/sh > exit 1
While I'm not sure why this does not work I'm was wondering if a deny-passdb would be more efficient to implement this blacklisting as executing a script on each login attempt is awfully slow. Instead I would do something like this: # check deny passwd for ip address first passdb { driver = passwd-file args = username_format=%r /etc/dovecot/ip-deny-list deny = yes auth_verbose = no result_success = return-fail } and then just create /etc/dovecot/ip-deny-list with one ip address per line. Sami