[Dovecot] restrict webmail access
Hi I'm using dovecot imap with ldap accounts. User management interface is phamm. Internal clients connect directly using imap client. External clients must use webmail (squirrelmail). But not everyone is supposed to use webmail. Is there any way to control who is allowed to log in from a specific IP (webmail ip)? Thanx for suggestions Jan
Re: [Dovecot] restrict webmail access
On Aug 12, 2008, at 10:35 AM, Jan wrote: I'm using dovecot imap with ldap accounts. User management interface is phamm. Internal clients connect directly using imap client. External clients must use webmail (squirrelmail). But not everyone is supposed to use webmail. Is there any way to control who is allowed to log in from a specific IP (webmail ip)? So you want to deny webmail access to some users but still allow them to log in directly via IMAP? You could do that with SQL passdb or checkpassword script, but there's really no way to do it with LDAP. Well, or one last possibility would be to allow the user to log in but immediately disconnect him by checking the access in post-login script: http://wiki.dovecot.org/PostLoginScripting PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] restrict webmail access
Am 12.08.2008 16:35 schrieb Jan: Hi I'm using dovecot imap with ldap accounts. User management interface is phamm. Internal clients connect directly using imap client. External clients must use webmail (squirrelmail). But not everyone is supposed to use webmail. Is there any way to control who is allowed to log in from a specific IP (webmail ip)? Hi Jan, yes, it's possible to restrict the access for some/all users to a given network range. More information: http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets Regards, Pascal
Re: [Dovecot] restrict webmail access
On Aug 12, 2008, at 2:40 PM, Pascal Volk wrote: Am 12.08.2008 16:35 schrieb Jan: Hi I'm using dovecot imap with ldap accounts. User management interface is phamm. Internal clients connect directly using imap client. External clients must use webmail (squirrelmail). But not everyone is supposed to use webmail. Is there any way to control who is allowed to log in from a specific IP (webmail ip)? Hi Jan, yes, it's possible to restrict the access for some/all users to a given network range. More information: http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets There's no negative though, so it's not possible to deny access from given network range.. Well, except using an extra passdb with deny=yes. PGP.sig Description: This is a digitally signed message part
