On Fri, Feb 15, 2008 at 03:36:01PM +0100, Geert Hendrickx wrote: > There are some clever tricks on that page to keep the LDAP/SQL database > Dovecot-agnostic and putting the logic in the query. Do you know a similar > trick for allow_nets; I have users stored in a PgSQL database and want to > allow everyone from our local network (a combination of three CIDR blocks), > and only some users from the Internet (0/0). Is it possible to do this > using a simple boolean (y/n) "remote" column in my users table? i.e. > remote=n should be mapped to allow_nets=x.y.z.0/24,a.b.c.0/24,d.e.0.0/16 > and remote=y to allow_nets=0/0. > > If the %a (local port) variable where available in the imap service, this > could be done by binding imap to two ports and using "remote = true or '%a' > = '143'", and redirect the public port on the NAT-router to the other > (non-standard) port on the server.
Looks like PostgreSQL supports conditional expressions in queries which make this very easy: password_query = SELECT md5_pw AS password, CASE WHEN remote='t' THEN '0/0' ELSE 'ournetblocks' END AS allow_nets FROM imap_users WHERE email='%u' Geert