Hello,

I have a problem to which I have not been able to find a solution by myself or online.

I have Dovecot running together with Qmail on a CentOS server. I need to be able to control which users are allowed IMAP access and at the same time allow IMAP access for all users when the requests are coming from a specific IP.

My problem has two parts, detailed below.

1. PAM not working to allow access only for specified users

Right now I am controlling IMAP access with [vmoduser -i] in Qmail which is not what I want. I need the IMAP access to be closed for everyone and then specify which users are allowed to access. I tried using [pam.d] for this as per http://wiki.dovecot.org/Authentication/RestrictAccess but although I am not getting any errors, all users are still allowed access unless I block them with [vmoduser -i].

In [dovecot.conf] I have: passdb pam { args = * }

In [/etc/pam.d/imap] I have: auth required pam_listfile.so item=user sense=allow file=/etc/imapusers onerr=fail

And in [/etc/imapusers] I have specified the only users that should have access.

Any ideas why this isn't working?

2. Allow access for all users coming from a specific IP

I have a Roundcube installation running on an external server and I need *all* my users to be able to use the Webmail regardless if they have IMAP or only POP access from their computer or mobile devices.

Using PAM I tried in [/etc/pam.d/imap]: auth required pam_listfile.so item=user sense=allow file=/etc/imapusers onerr=fail allow_nets=127.0.0.0/8,192.168.0.0/16,1.2.3.4

...where the webmail installation would be installed at IP [1.2.3.4]. But no luck!

Please - if there are anyone with ideas I could really use them. I have been going around in circles for the last couple of weeks and I don't know what to do!

Sincerely, Daniel