Net Cerebrum wrote:
(a) I want to permit only selective users to access either POP3 or IMAP server or both.
This is easy, assuming you're using PAM for user authentication. Edit /etc/dovecot.conf and set auth_passdb = pam *
Then Dovecot will use different PAM configurations for POP3 and IMAP.
You can set up the initial PAM services as copies of the Dovecot service:
cd /etc/pam.d
cp dovecot pop3
cp dovecot imap
Then you can edit /etc/pam.d/pop3 and /etc/pam.d/imap to define whatever criteria you want for who can use POP3 and who can use IMAP. We use a simple text file, /etc/imapusers, and have Dovecot deny POP3 access to anyone who's listed in imapusers. To do that, we insert the following line at the beginning of /etc/pam.d/pop3: auth required /lib/security/$ISA/pam_listfile.so item=user file=/etc/imapusers sense=deny
See /usr/share/doc/pam* for other ways to use PAM to permit or deny users.
(b) The server can be accessed from LAN as well as WAN. However I want to allow only selective users to be able to access POP3 or IMAP server from the WAN side (or on the basis of IP addresses).
A POP3/IMAP proxy might be able to do this. You'd have to set it up on a separate machine (or on separate ports), force WAN users to go through it, and configure the proxy to only let certain users log in. I don't know if there are any POP3/IMAP proxies that permit selective logins like this, so I don't know if this will work.
Josh Kelley