Restrict IMAP login, but allow Postfix SASL

Lucas Rolff lucas at lucasrolff.com
Wed Jun 1 11:57:44 UTC 2022


allow_nets with `local,127.0.0.1/32` defined, should do the trick - this assumes you don’t have any webmail running on the same host, since that would still allow authentication.

https://doc.dovecot.org/configuration_manual/authentication/allow_nets/

I use allow_nets to “suspend” user logins, but allow LMTP to continue to function for example.

On 1 Jun 2022, at 13:40, lutz.niederer at gmx.net<mailto:lutz.niederer at gmx.net> wrote:

Hi,

we have a very simple user-/passdb (like passwd) to authenticate virtual IMAP users.
We also use this for Postfix authentication.  Nothing special.

But, we need to exclude some of the users from IMAP login.
This means, some users should be allowed to send mail via Postfix (submission) and therefore
authenticate via SASL against dovecot successfully, but they should not be allowed to login
to their IMAP mail box.

How could this be done?

Thanks!
-lutzn



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20220601/9504979c/attachment-0001.htm>


More information about the dovecot mailing list