[Dovecot] Restrict user on IMAP or POP

Geert Hendrickx ghen at telenet.be
Fri Feb 15 16:36:01 EET 2008


On Thu, Feb 14, 2008 at 06:17:51PM +0200, Timo Sirainen wrote:
> On Thu, 2008-02-14 at 11:12 -0500, Sebastien Roy wrote:
> 
> > Is it possible to deny a user on POP or IMAP!   For example, on the 
> > primary server we use POP3 and IMAP but how I can force a user to use 
> > POP3 and be unable to authenticate on IMAP ?
> 
> http://wiki.dovecot.org/Authentication/RestrictAccess


There are some clever tricks on that page to keep the LDAP/SQL database
Dovecot-agnostic and putting the logic in the query.  Do you know a similar
trick for allow_nets;  I have users stored in a PgSQL database and want to
allow everyone from our local network (a combination of three CIDR blocks),
and only some users from the Internet (0/0).  Is it possible to do this
using a simple boolean (y/n) "remote" column in my users table?  i.e.
remote=n should be mapped to allow_nets=x.y.z.0/24,a.b.c.0/24,d.e.0.0/16
and remote=y to allow_nets=0/0.

If the %a (local port) variable where available in the imap service, this
could be done by binding imap to two ports and using "remote = true or '%a'
= '143'", and redirect the public port on the NAT-router to the other
(non-standard) port on the server.

	Geert




More information about the dovecot mailing list