John Robinson wrote:
Just bumping my own question. On 10/02/2007 03:01, I wrote: [...]
What I want to arrange is for users with shell accounts not to be succeed in logging in to Dovecot without using TLS/SSL. I'll have to allow unencrypted logins (for non-shell users), but I want to reject/refuse such a login from someone with a shell account. [...] I've had a go but got it wrong. What should I do to get it right?
Anyone? Please?
Cheers,
John.
You could run two different Dovecot configurations simultaneously, one for SSL (not listening on the non-SSL ports) authenticating against shell or non-shell (having multiple passdb/authdbs probably) and one for non-SSL that authenticates only non-shell users. (This doesn't handle the TLS, alas, but most clients use SSL anyway, I think).
Hope this helps, Chris
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094