From 4e144a6219b5aad17ee80e61786cf310b62a99e9 Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Wed, 25 Sep 2024 10:37:20 +0300 Subject: [PATCH] auth/passdb: Document nologin behavior with lmtp and doveadm --- data/updates.js | 1 + docs/core/config/auth/passdb.md | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/data/updates.js b/data/updates.js index 6ef76b230..fc146fc67 100644 --- a/data/updates.js +++ b/data/updates.js @@ -42,6 +42,7 @@ export const updates = { ja3_identifier: '2.4.0', lazy_expunge_namespace: '2.3.0', ldap_multi_added: '2.4.0', + lmtp_nologin_added: '2.4.0', lua_auth_init: '2.4.0', lua_dns_client: '2.4.0', lua_script_init: '2.4.0', diff --git a/docs/core/config/auth/passdb.md b/docs/core/config/auth/passdb.md index 18bfd7577..e0afc1c99 100644 --- a/docs/core/config/auth/passdb.md +++ b/docs/core/config/auth/passdb.md @@ -501,6 +501,15 @@ assume that the password was given wrong, so it might not be a good idea to use this unless the system will be down for days and you don't have a better way to notify the users. +::: warning +The `nologin` field is mainly intended for user logins (IMAP, POP3, +ManageSieve). It is ignored with `doveadm`, because the intention is that admin +could still be able to access a disabled user via `doveadm`. + +[[changed,lmtp_nologin_added]] The `nologin` field prevents LMTP access now +as long as [[setting,lmtp_proxy,yes]]. However, the `reason` field is ignored. +::: + ::: info Note If you want to entirely block the user from logging in (i.e. account is suspended), with no IMAP referral information provided, you must ensure that