auth/passdb: Document nologin behavior with lmtp and doveadm

sirainen · Sep 25, 2024 · 4e144a6 · 4e144a6
1 parent ed7bca8
commit 4e144a6
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/data/updates.js b/data/updates.js
@@ -42,6 +42,7 @@ export const updates = {
 	ja3_identifier: '2.4.0',
 	lazy_expunge_namespace: '2.3.0',
 	ldap_multi_added: '2.4.0',
+	lmtp_nologin_added: '2.4.0',
 	lua_auth_init: '2.4.0',
 	lua_dns_client: '2.4.0',
 	lua_script_init: '2.4.0',

diff --git a/docs/core/config/auth/passdb.md b/docs/core/config/auth/passdb.md
@@ -501,6 +501,15 @@ assume that the password was given wrong, so it might not be a good idea to use
 this unless the system will be down for days and you don't have a better way to
 notify the users.
 
+::: warning
+The `nologin` field is mainly intended for user logins (IMAP, POP3,
+ManageSieve). It is ignored with `doveadm`, because the intention is that admin
+could still be able to access a disabled user via `doveadm`.
+
+[[changed,lmtp_nologin_added]] The `nologin` field prevents LMTP access now
+as long as [[setting,lmtp_proxy,yes]]. However, the `reason` field is ignored.
+:::
+
 ::: info Note
 If you want to entirely block the user from logging in (i.e. account is
 suspended), with no IMAP referral information provided, you must ensure that