[Dovecot] Method to globally limit network access
G'day All,
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
Marcus O.
Hello,
Marcus O. White wrote:
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
What about using a firewall like iptables for that? :)
Regards, Philipp
G"day Phillips,
Thanks for the info... However, I was looking for something more within Dovecot itself or possibly be able to use tcpwrappers. Using iptables and tcpwrappers can become quite tedious if used in the fashion. Any other ideas? BTW this is for a RHEL5/FC6 environment.
Marcus O.
On Sun, 2007-04-29 at 15:30 +0200, Philipp Wollermann wrote:
Hello,
Marcus O. White wrote:
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
What about using a firewall like iptables for that? :)
Regards, Philipp
Marcus O. White wrote:
G'day All,
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
Umm... you already found it (but you probably already realized this)... but it is 'allow_nets'... ;)
http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets...
Kind of limiting, though... I like to be able to access my email from anywhere...
A nice enhancement might be a way to allow access from outside only to 'allowed_external_users' or something like that...
--
Best regards,
Charles
Charles Marcus wrote:
Marcus O. White wrote:
G'day All,
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
Umm... you already found it (but you probably already realized this)... but it is 'allow_nets'... ;)
My bad - didn't read closely enough that this is a passdb thingie (been doing that a lot lately)...
--
Best regards,
Charles
On Mon, 2007-04-30 at 08:26 -0400, Charles Marcus wrote:
Charles Marcus wrote:
Marcus O. White wrote:
G'day All,
I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks?
Umm... you already found it (but you probably already realized this)... but it is 'allow_nets'... ;)
My bad - didn't read closely enough that this is a passdb thingie (been doing that a lot lately)...
G'day Charles,
Looks like the only way is to use iptables as you first suggested. I was hoping to find method within dovecot or by possibly using tcpwrappers. On a RHEL/FC system modifying the /etc/sysconfig/iptables file to include the source (ie -s 192.168.1.0/24) to limit access works, but then one could no longer use the system-config-securitylevel command to modify the file.
Marcus O.
participants (4)
-
Charles Marcus
-
Marcus O. White
-
Marcus White
-
Philipp Wollermann