[Dovecot] Restrict user on IMAP or POP
Geert Hendrickx
ghen at telenet.be
Fri Feb 15 16:36:01 EET 2008
On Thu, Feb 14, 2008 at 06:17:51PM +0200, Timo Sirainen wrote:
> On Thu, 2008-02-14 at 11:12 -0500, Sebastien Roy wrote:
>
> > Is it possible to deny a user on POP or IMAP! For example, on the
> > primary server we use POP3 and IMAP but how I can force a user to use
> > POP3 and be unable to authenticate on IMAP ?
>
> http://wiki.dovecot.org/Authentication/RestrictAccess
There are some clever tricks on that page to keep the LDAP/SQL database
Dovecot-agnostic and putting the logic in the query. Do you know a similar
trick for allow_nets; I have users stored in a PgSQL database and want to
allow everyone from our local network (a combination of three CIDR blocks),
and only some users from the Internet (0/0). Is it possible to do this
using a simple boolean (y/n) "remote" column in my users table? i.e.
remote=n should be mapped to allow_nets=x.y.z.0/24,a.b.c.0/24,d.e.0.0/16
and remote=y to allow_nets=0/0.
If the %a (local port) variable where available in the imap service, this
could be done by binding imap to two ports and using "remote = true or '%a'
= '143'", and redirect the public port on the NAT-router to the other
(non-standard) port on the server.
Geert
More information about the dovecot
mailing list