>Another way that would already work is to creatively use %r variable and >SQL passdb. > > Can you elaborate on that one ? The inetd way would not be my favorite at all. A third way would be to use iptables with user recognition, but this would affect only the imap or pop process, not the login as it runs under "dovecot". JC