Re: configuring SquirrelMail Dovecot and wforced to display end user IP; auth_policy_server_url

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 2019年04月08日 07:11, Robert Kudyba wrote:
>> On 2019年04月01日 08:30, Robert Kudyba wrote:
>>> squirrelmail-1.4.23-0.fc29.20180816.noarch, on Fedora 29.with
>>> dovecot-2.3.3-1.fc29.x86_64
>>> I posted on the Dovecot mailing list,
>>> <>,
>>> and their admin suggested finding a setting in SquirrelMail.
>>> I have wforce running correctly with Dovecot, see
>>> However, the IP logged is always of the SquirrelMail server or
>>> localhost. Is there e plugin or setting that I can change to get
>>> weakforced to correctly show the end user IP?
>> Well, I've had code sitting around for a while that implements RFC2971
>> (ID command), so I just committed it.  You can use it for this purpose
>> by putting something like this into your config/config_local.php
>> $imap_id_command_args = array('remote-host' => '###REMOTE ADDRESS###');
>> If you don't care about Dovecot's response in SquirrelMail and want to
>> save a few CPU cycles, add this too:
>> $do_not_parse_imap_id_command_response = TRUE;
>> The code will show up in our next daily snapshot for 1.4.23 or get a
>> patch here:
> Thanks Paul! I tried the new code. Squirrelamil is definitely slower
> with these options added.

If you have metrics or profiling traces that quantify this, I'd love to
see that.  The added code does (should) not add all that much - it's
just a single extra and very simple IMAP ID command.  Did you use the
configuration variable that disables response parsing?

> And still no source IP of end user but perhaps
> there logs may shed a light? Or what should  auth_policy_server_url be?

The rest of your question is about Dovecot, it is not relevant to this
list.  I suggest first sniffing the IMAP connection to make sure the ID
command with the IP address is being sent and acknowledged by Dovecot,
then synchronizing your configuration and debugging that.  The Dovecot
list is the best place to continue asking for help as long as the ID
command is working as it should.

squirrelmail-users mailing list
Posting guidelines:
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives:
List info (subscribe/unsubscribe/change options):

[Index of Archives]     [Video For Linux]     [Yosemite News]     [Yosemite Photos]     [gtk]     [KDE]     [Cyrus SASL]     [Gimp on Windows]     [Steve's Art]     [Webcams]

  Powered by Linux