IMAP Permissions per IP
Aki Tuomi
aki.tuomi at open-xchange.com
Mon Aug 10 08:31:13 EEST 2020
On 10.8.2020 0.58, Jorge Bastos wrote:
>
> Howdy,
>
>
>
> Is it possible to define IMAP permissions per IT?
>
> What i would like to do is:
>
>
>
> * IP 1.1.1.1 IS THE ONLY ONE that has permission for EXPUNGE
>
>
>
> Is it possible?
>
> Thanks in advanced,
>
Hi!
This is possible, but can be bit tricky to get right.
It involves setting up userdb
userdb {
driver = passwd-file
args = username_format=%r /etc/dovecot/acl.passwd
}
this should be after the one where your users are defined. The previous
userdb should have setting result_success=continue-ok.
the passwd file has lines like
1.1.1.1:*::::: userdb_acl_groups=expunger
then you setup ACL plugin
mail_plugins=$mail_plugins acl
plugin {
acl = vfile:/etc/dovecot/acl
acl_globals_only = yes
}
and have lines like these in the ACL file
* authenticated lrwstipkx
* group-override=expunger lrwstipekx
Aki
More information about the dovecot
mailing list