[Dovecot] Disable IMAP for ONE user only
SIW
bov at bsdpanic.com
Mon May 5 20:44:23 UTC 2014
Hi Rick
I really appreciate your response!
Unfortunately my SQL is, how can we say, very basic. I built my server
using the Linode guide at:
https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql
Currently my password query looks as follows:
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
I'm not familiar with VPopMail, would I need it in this situation?
Currently I use Postfix/Dovecot/MySQL/Apache/Roundcube.
On 05/05/2014 21:32, Rick Romero wrote:
> Quoting Professa Dementia <professa at dementianati.com>:
>
>> On 5/5/2014 1:05 PM, SIW wrote:
>>> Thats a good point.
>>>
>>> If I block IMAP/SMTP access to ONE user does that mean that particular
>>> user can't use Roundcube anymore?
>>
>> That is correct. If you block IMAP, then webmail will not work.
>>
>
> Not necessarily.
>
> From:
> http://wiki2.dovecot.org/AuthDatabase/VPopMail
>
> "logically this means: show password for user=%n at domain=%d when
> imap on
> the account is not disabled and connection is not comming from localhost
> when webmail access on the account is not disabled and if imap for the
> domain is not disabled and (connection is not comming from localhost when
> webmail access for the domain is not disabled) when vlimits are not
> overriden on the account "
> #
> password_query = select pw_passwd as password FROM vpopmail LEFT JOIN
> limits ON vpopmail.pw_domain=limits.domain WHERE pw_name='%n' and
> pw_domain='%d' and !(pw_gid & 8) and ('%r'!='127.0.0.1' or !(pw_gid & 4))
> and ( ('%r'!='127.0.0.1' or COALESCE(disable_webmail,0)!=1) and
> COALESCE(disable_imap,0)!=1 or (pw_gid & 8192) );
>
> So construct your SQL query in a way that your bit field in MySQL
> disables
> all access for a single user except when the source IP is your webmail
> server.
>
> If you want multiple passwords, you can modify the password_query with
> iif
> statements based on the source IP or protocol.
>
> Like:
> select iif(%r == '127.0.0.1' & pw_name== 'yourname' &
> pw_domain='yourdomain',pw_webmailpasswrd,pw_passwd) as pw_passwd from
> vpopmail .....
> Of course that's specific to the vpopmail table... modify as needed for
> your own table structure...
>
> Rick
More information about the dovecot
mailing list