[Dovecot] Per user based protocol access and pause after failed login?
Mart Pirita
sysadmin at e-positive.ee
Sun Jun 17 01:16:45 EEST 2007
Tere.
> %c expands to "secured" or empty. So you could use eg.
> passdb pam {
> args = %s%c
> }
>
> and create imap, imapsecured, pop3, pop3secured
>
>
More better, so for example user1 can access only imaps, using Yous
suggestion, I have to list all users, except user1 in imap, pop3,
pop3secured.
But it should works also in other way, that by default all users are
allowed to use all protocols and then I exclude user1 from imap, pop3,
pop3secured. So I tried:
passdb pam {
args = %s%c
}
/etc/pam.d/ includes imap, imapsecured, pop3, pop3secured files which
includes:
auth required
pam_nologin.so
auth required pam_stack.so
service=system-auth
account required pam_stack.so
service=system-auth
session required pam_stack.so service=system-auth
and only imapsecured has this line:
auth required pam_listfile.so item=user sense=deny file=/etc/imapsusers
onerr=succeed
and /etc/imapsusers includes user1
But now even pop user can't login:(.
--
Mart
More information about the dovecot
mailing list