Conditional SASL authentication
Steffen Kaiser
skdovecot at smail.inf.fh-brs.de
Wed Feb 25 06:29:53 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 24 Feb 2015, Luciano Mannucci wrote:
> On Tue, 24 Feb 2015 18:56:03 +0100
> Reindl Harald <h.reindl at thelounge.net> wrote:
>
>> * if you cahnge the pwd SASL auth is taken away
> True.
> But this way the user will be unable to read his/her mail, including
> my message saying "Hey, you've got a new virus!".
OK, I had the task to disallow somebody to use SMTP, but allow to use
IMAP. I use LDAP and my pass_filter contains: (!(deniedService=%Ls))
deniedService is a locally created string attribute. I don't know what
postfix-Dovecot-SASL uses as "service", but it should be something like
smtp. With LDAP or SQL you can block users (or even select passwords) by
service string. See http://wiki2.dovecot.org/Variables for more options.
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBVO1r4Xz1H7kL/d9rAQL83ggApmDjmx4+97oKJYsrDIWmbZfLLyam6sTJ
Sk6G3/Qh4pHDZBS/G55VeThwTO9UCvh9u2RL8pAWMnOyF576YduE6Q/xBvksnKXQ
/+qaO1aOQxuEKwCqcoLh+k7q6kanMqxhgHvF86aO9ifEz7BaCP/doN65gKZuXUg9
ywBqS22guTlN4Lwuuhn8hoZi5OILs/WqD+Ym45VwMQz8wrS5Vq0WxzECkhFxewMa
lebS7B6CePokF4x8J4xalH/yRTlJo3sDk89xTEYmv6CWMNnRiL1XB2dO4+MdxXH9
E7CAF328DHLN2ZiZwCmLjyOS3lA8pgWaib0wcSP+D09Qi/mUYWXi9Q==
=cJoL
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list