Commits

Zhang Huangbin committed 614732a

Improve SQL query statement for webmail access.

Comments (0)

Files changed (1)

iRedMail/samples/dovecot/dovecot-sql.conf

+# (mailbox.enable%Ls%Lc=1 AND '%r'<>'127.0.0.1') means accessing mailbox via
+#   IMAP or IMAP over TLS on non-localhost (127.0.0.1)
+#
+# (mailbox.enablewebmail=1 AND '%Ls%Lc'='imapsecured' AND '%r' IN ('127.0.0.1'))
+#   means accessing webmail hosted on '127.0.0.1' via IMAP over TLS. If you
+#   want to allow remote access from webmail hosted on other servers, please
+#   extend the list and reload/restart Dovecot service.
+#   WARNING: It's not recommended to access mailbox from webmail with insecure
+#   IMAP protocol.
+
 driver = PH_SQL_DRIVER
 default_pass_scheme = CRYPT
 connect = host=PH_SQL_SERVER dbname=PH_VMAIL_DB user=PH_VMAIL_DB_BIND_USER password=PH_VMAIL_DB_BIND_PASSWD
 FROM mailbox,domain \
 WHERE mailbox.username='%u' \
     AND mailbox.domain='%d' \
-    AND (mailbox.enable%Ls%Lc=1 OR (mailbox.enablewebmail=1 AND '%Ls%Lc'='imapsecured' AND '%r'='127.0.0.1')) \
+    AND ((mailbox.enable%Ls%Lc=1 AND '%r'<>'127.0.0.1') OR (mailbox.enablewebmail=1 AND '%Ls%Lc'='imapsecured' AND '%r' IN ('127.0.0.1'))) \
     AND mailbox.domain=domain.domain \
     AND domain.backupmx=0 \
     AND domain.active=1 \