> On 31. May 2020, at 15.47, Zdeněk Zámečník <di...@dixy.cz> wrote:
>
> I run into troubles when trying to set up auth_policy_server in Dovecot
> 2.3.10.1. It works almost as expected but I cannot get client ID in this
> process.
>
> By setting up "imap_id_log=*" I see in log that Dovecot gets details about
> mail client like name and version:
>
> May 31 14:20:58 mail dovecot:
> imap(x...@example.xxx)<24796><ft7ytfCmjdZWMSZQ>: ID sent: name=Thunderbird,
> version=68.8.1
>
>
> But the auth_policy_server is getting all details except this ID, it's empty:
>
> May 31 14:20:58 mail auth-policy[10357]: {
> May 31 14:20:58 mail auth-policy[10357]: device_id: '',
> May 31 14:20:58 mail auth-policy[10357]: login: 'x...@example.xxx',
> May 31 14:20:58 mail auth-policy[10357]: protocol: 'imap',
> May 31 14:20:58 mail auth-policy[10357]: pwhash: '097a',
> May 31 14:20:58 mail auth-policy[10357]: remote: '1.2.3.4',
> May 31 14:20:58 mail auth-policy[10357]: tls: true
> May 31 14:20:58 mail auth-policy[10357]: }
>
>
> However in some cases I see that client_id is passed to auth_policy_server:
>
> May 31 14:27:41 mail auth-policy[10357]: {
> May 31 14:27:41 mail auth-policy[10357]: device_id: '"name"
> "Outlook-iOS-Android" "version" "2.0"',
> May 31 14:27:41 mail auth-policy[10357]: login: 'y...@example.xxx',
> May 31 14:27:41 mail auth-policy[10357]: protocol: 'imap',
> May 31 14:27:41 mail auth-policy[10357]: pwhash: '0b63',
> May 31 14:27:41 mail auth-policy[10357]: remote: '3.4.5.6',
> May 31 14:27:41 mail auth-policy[10357]: tls: true
> May 31 14:27:41 mail auth-policy[10357]: }
>
This completely depends on the imap client. Some clients send IMAP ID pre-login
and in that case it can be relayed to auth policy server.
Some clients send IMAP ID post-login and then auth policy stuff is already
completed without the information.
Sami
