[Dovecot] Dovecot + SASL + allow_nets
Marc Cuypers
m.cuypers at mgvd.be
Tue Dec 4 10:42:07 EET 2007
Noel Jones schreef:
> On Dec 3, 2007 7:36 AM, Marc Cuypers <m.cuypers at mgvd.be> wrote:
>> Hi,
>>
>> When using dovecot for authentication of an SASL (postfix) request, i
>> cannot use the allow_nets parameter. The IP-address of the requester is
>> not known in dovecot.
>>
>> I would like to allow sasl for certain users, others are not allowed to
>> access via SASL.
>> Some users can have access to imap and pop3 from certain IP-addresses.
>>
>> How could i combine this in then dovecot configuration?
>>
>> --
>> Best regards,
>>
>> Marc
>>
>
> You can do this in postfix main.cf using the
> smtpd_sasl_exceptions_networks parameter. Normally this parameter
> lists networks *not* allowed to use AUTH, but you can exempt certain
> hosts by proceeding them with a "!". Note that order matters, here;
> exceptions must come before the static:all entry.
>
> For example. to offer AUTH only to 192.0.2.0-192.0.2.255:
> # main.cf
> smtpd_sasl_exceptions_networks = !192.0.2.0/24 static:all
>
> See also
> http://www.postfix.org/postconf.5.html#smtpd_sasl_exceptions_networks
> Or for an alternative method:
> http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps
>
OK, thanks,
But it is not user related. I want some user to be able to SASL, others
don't.
--
Marc
More information about the dovecot
mailing list