> On 04/08/2021 16:51 Andrea Gabellini <andrea.gabell...@telecomitalia.sm>
> wrote:
>
>
> Hello,
>
> from the proxy I can do the forward:
>
> passdb {
> driver = static
> args = proxy=y nopassword=y starttls=yes forward_test=%{secured}
> }
>
> On the backend, activating debugging:
>
> dovecot: auth: Debug: client passdb out:
> OK#0111#011user=xxxxx#011forward_test=TLS
>
> How do I pass this forward_test variable to postlogin?
>
>
> Il 04/08/21 14:53, Andrea Gabellini ha scritto:
> > Hello,
> >
> > I am writing for advice on how to deal with a problem.
> >
> > I have a Dovecot Proxy/Director -> Backend installation, all with
> > version 2.3
> >
> > Encryption on POP3 / IMAP connections is currently optional. I would
> > like to set it as mandatory but despite the numerous reminders many
> > users have not taken steps to adapt. Setting it as mandatory would
> > mean having too many calls to support.
> >
> > I would therefore like to block the connection to only some of them
> > and slowly reach my target. I can't find how and where to fit in to be
> > able to do such a thing. At first I thought about postlogin, but the
> > user ended up on a proxy and I can't use it. I tried to use the
> > forwarding function on the proxy and postlogin on the backend, but I
> > didn't succeed in the first part.
> >
> > In pseudo code, I would like to do this:
> >
> > if connection is not secured {
> > if user is in my list {
> > block the connection;
> > }
> > }
> >
> > Thanks in advance for any suggestions,
> > Andrea
> >
>
> --
> __________________________
> I've never had much luck buying computers. I bought an Apple and it had an
> worm in it!
> __________________________
>
> TIM San Marino S.p.A.
> Andrea Gabellini
In the next hop, adapt this to your passdb block:
passdb {
driver = static
args = userdb_test=%{forward_test}
}
Aki
