Disallow acces via imap, but keep lmtp running
Hi all,
what is the best way to temporarily disable access to a mailbox via imap, but keep it possible to deliver to the mailbox via lmtp? I want to migrate some mailboxes around and would like to ensure that the users cannot access their mail while doing so. I would like to keep the users from logging in entirely rather than setting ACLs.
Thanks in advance Julian
On 16/12/20 6:16 am, Julian Kippels wrote:
Hi all,
what is the best way to temporarily disable access to a mailbox via imap, but keep it possible to deliver to the mailbox via lmtp? I want to migrate some mailboxes around and would like to ensure that the users cannot access their mail while doing so. I would like to keep the users from logging in entirely rather than setting ACLs.
Thanks in advance Julian
Comment out the sections in dovecot.conf that configure the imap service but leave the lmtp service running.
Alternatively set an iptables rule to block the imap and imaps ports.
-- Jeremy
On Wed, 16 Dec 2020, Plutocrat wrote:
On 16/12/2020 06.16, Julian Kippels wrote:
what is the best way to temporarily disable access to a mailbox via imap, but keep it possible to deliver to the mailbox via lmtp?
Block IMAP ports on the firewall?
passdb with "deny=yes"? Or if IMAP is the only authenticated service, munge their password hash.
Joseph Tam <jtam.home@gmail.com>
Hi Julian,
For migration solution in production I wrote a big Script that, the main steps (in this mail without error handling):
1.) Copy the complete user account to the new box by rsync (rysnc is faster than doveadm backup). 2.) Update new destination in a loop (min=2, max=10, retry on error 75): doveadm backup -u $USER tcp:${NEW_MBOX}:${DADM_PORT} 3.) Change LDAP to new destination and kick user on old box. 4.) Call a latest sync for possible new mails on old box: doveadm sync -1 u $USER tcp:${NEW_MBOX}:${DADM_PORT}"
The Script has migrate millions of accounts in production. I use "parallel" to optimize the runtime.
Jens
Hi all,
what is the best way to temporarily disable access to a mailbox via imap, but keep it possible to deliver to the mailbox via lmtp? I want to migrate some mailboxes around and would like to ensure that the users cannot access their mail while doing so. I would like to keep the users from logging in entirely rather than setting ACLs.
Thanks in advance Julian
participants (5)
-
Jens Urban
-
Jeremy Ardley
-
Joseph Tam
-
Julian Kippels
-
Plutocrat