[qmailtoaster] Disabling IMAP/webmail access
I´m managing a qmail-toaster server, and I need to block IMAP access to some users, but not webmail. The webmail soft and qmail service are running in the same hardware. Looking at vpopmail's parameters, there are some flags to apply this kind of filters: [EMAIL PROTECTED] ~]# /home/vpopmail/bin/vmoduser vmoduser: usage: [options] email_addr or domain (for each user in domain) (...) the following options are bit flags in the gid int field -x ( clear all flags ) -d ( don't allow user to change password ) -p ( disable POP access ) -s ( disable SMTP AUTH access ) -w ( disable webmail [IMAP from localhost*] access ) ( * full list of webmail server IPs in vchkpw.c ) -i ( disable non-webmail IMAP access ) -b ( bounce all mail ) (...) But, guess what! they don't work as expected. If I set the w flag, nothing happens, the user is able to access webmail as well as IMAP. If I set the i flag, the user can´t access webmail nor IMAP. I check the vchkpw.c file in the sources, and it defines clearly 127.0.0.1as a webmail server. I don´t want anyone to start coding or patching to solve my problem, I just wanted to know if someone has implemented this kind of filter successfuly. Salutti, Natalio.
Re: [qmailtoaster] Disabling IMAP/webmail access
Hi there, Did you check that the webmail soft is really using localhost to connect or perhaps it has been configured to use the FQDN and is therefore treated as coming from outside? You probably have, it's just that reading your post I wondered as you had not mentioned it. Martin -- What a fool believes he sees, no wise man has the power to reason away... Doobie Brothers Zitat von Natalio Gatti [EMAIL PROTECTED]: I´m managing a qmail-toaster server, and I need to block IMAP access to some users, but not webmail. The webmail soft and qmail service are running in the same hardware. Looking at vpopmail's parameters, there are some flags to apply this kind of filters: [EMAIL PROTECTED] ~]# /home/vpopmail/bin/vmoduser vmoduser: usage: [options] email_addr or domain (for each user in domain) (...) the following options are bit flags in the gid int field -x ( clear all flags ) -d ( don't allow user to change password ) -p ( disable POP access ) -s ( disable SMTP AUTH access ) -w ( disable webmail [IMAP from localhost*] access ) ( * full list of webmail server IPs in vchkpw.c ) -i ( disable non-webmail IMAP access ) -b ( bounce all mail ) (...) But, guess what! they don't work as expected. If I set the w flag, nothing happens, the user is able to access webmail as well as IMAP. If I set the i flag, the user can´t access webmail nor IMAP. I check the vchkpw.c file in the sources, and it defines clearly 127.0.0.1as a webmail server. I don´t want anyone to start coding or patching to solve my problem, I just wanted to know if someone has implemented this kind of filter successfuly. Salutti, Natalio. This message was sent using IMP, the Internet Messaging Program. binqxogjoFpAi.bin Description: Öffentlicher PGP-Schlüssel - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Disabling IMAP/webmail access
Yep, I checked it, and webmail uses 127.0.0.1 to connect to the imap service. On Fri, Oct 10, 2008 at 11:09 AM, Martin Waschbuesch [EMAIL PROTECTED]wrote: Hi there, Did you check that the webmail soft is really using localhost to connect or perhaps it has been configured to use the FQDN and is therefore treated as coming from outside? You probably have, it's just that reading your post I wondered as you had not mentioned it. Martin -- What a fool believes he sees, no wise man has the power to reason away... Doobie Brothers Zitat von Natalio Gatti [EMAIL PROTECTED]: I´m managing a qmail-toaster server, and I need to block IMAP access to some users, but not webmail. The webmail soft and qmail service are running in the same hardware. Looking at vpopmail's parameters, there are some flags to apply this kind of filters: [EMAIL PROTECTED] ~]# /home/vpopmail/bin/vmoduser vmoduser: usage: [options] email_addr or domain (for each user in domain) (...) the following options are bit flags in the gid int field -x ( clear all flags ) -d ( don't allow user to change password ) -p ( disable POP access ) -s ( disable SMTP AUTH access ) -w ( disable webmail [IMAP from localhost*] access ) ( * full list of webmail server IPs in vchkpw.c ) -i ( disable non-webmail IMAP access ) -b ( bounce all mail ) (...) But, guess what! they don't work as expected. If I set the w flag, nothing happens, the user is able to access webmail as well as IMAP. If I set the i flag, the user can´t access webmail nor IMAP. I check the vchkpw.c file in the sources, and it defines clearly 127.0.0.1as a webmail server. I don´t want anyone to start coding or patching to solve my problem, I just wanted to know if someone has implemented this kind of filter successfuly. Salutti, Natalio. This message was sent using IMP, the Internet Messaging Program. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]