Re: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: Rick Macdougall ha scritto: Alessio Cecchi wrote: Rick Macdougall ha scritto: Hi, What version of vpopmail are you using ? Vpopmail 5.4.10. For you works this patch? With what command you disable IMAP except for 127.0.0.1 ? Hi, Yes it does. From the changelog - vchkpw: classify POP/IMAP connections from select IPs (defaults to 127.0.0.1) as webmail and check NO_WEBMAIL user flag instead of NO_POP and NO_IMAP. One thing to check though, that your webmail client is connecting to 127.0.0.1, and not your external IP. Yes, the webmail client is connetting to 127.0.0.1. What vpopmail command you use to set this options? Hi, I set NO_IMAP via vmoduser Regards, Rick
Re: [vchkpw] How disable non-webmail IMAP access?
Rick Macdougall ha scritto: Alessio Cecchi wrote: Rick Macdougall ha scritto: Hi, What version of vpopmail are you using ? Vpopmail 5.4.10. For you works this patch? With what command you disable IMAP except for 127.0.0.1 ? Hi, Yes it does. From the changelog - vchkpw: classify POP/IMAP connections from select IPs (defaults to 127.0.0.1) as webmail and check NO_WEBMAIL user flag instead of NO_POP and NO_IMAP. One thing to check though, that your webmail client is connecting to 127.0.0.1, and not your external IP. Yes, the webmail client is connetting to 127.0.0.1. What vpopmail command you use to set this options? Thanks -- Alessio Cecchi ++ www.skye.it
Re: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: Rick Macdougall ha scritto: Hi, What version of vpopmail are you using ? Vpopmail 5.4.10. For you works this patch? With what command you disable IMAP except for 127.0.0.1 ? Hi, Yes it does. From the changelog - vchkpw: classify POP/IMAP connections from select IPs (defaults to 127.0.0.1) as webmail and check NO_WEBMAIL user flag instead of NO_POP and NO_IMAP. One thing to check though, that your webmail client is connecting to 127.0.0.1, and not your external IP. Regards, Rick
Re: [vchkpw] How disable non-webmail IMAP access?
Rick Macdougall ha scritto: Hi, What version of vpopmail are you using ? Vpopmail 5.4.10. For you works this patch? With what command you disable IMAP except for 127.0.0.1 ? Thanks -- Alessio Cecchi ++ www.skye.it
Re: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: Rick Macdougall ha scritto: It's a very small patch, you should be able to find the corresponding place in your version of courier-imap to change it. Regards, In fact, i have correctly apply the patch and recompiling with success courier-imap, but have no effect! Hi, What version of vpopmail are you using ? Regards, Rick
Re: [vchkpw] How disable non-webmail IMAP access?
Rick Macdougall ha scritto: It's a very small patch, you should be able to find the corresponding place in your version of courier-imap to change it. Regards, In fact, i have correctly apply the patch and recompiling with success courier-imap, but have no effect! Thanks -- Alessio Cecchi ++ www.skye.it
Re: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: Rick Macdougall ha scritto: Alessio Cecchi wrote: I have a server with qmail+vpopmail 5.4.10, courier-imap 4.0.2, sqwebmail 5.0.1 and horde. I need to disable the IMAP access but no the webmail access. In fact if i disable IMAP, with horde can't login. I have seen vmoddomlimits and vmoduser but i'm able only to disable the IMAP global. I can disable webmail access for sqwebmail with: /home/vpopmail/bin/vmoddomlimits -g w skye.it and /home/vpopmail/bin/vmoduser -w skye.it (what is the difference?) /home/vpopmail/bin/vmoduser -i skye.it should disable IMAP access but not for Webmail, but for me dont'work. What is wrong? Hi, Attached is a patch for courier-imap that you may have to manually add as I forget what version it's for that does exactly that. Thanks Rick, but this patch not work on my server with courier-imap-3.0.8 (with the new courierauthlib in incompatible). It's a very small patch, you should be able to find the corresponding place in your version of courier-imap to change it. Regards, Rick
Re: [vchkpw] How disable non-webmail IMAP access?
Rick Macdougall ha scritto: Alessio Cecchi wrote: I have a server with qmail+vpopmail 5.4.10, courier-imap 4.0.2, sqwebmail 5.0.1 and horde. I need to disable the IMAP access but no the webmail access. In fact if i disable IMAP, with horde can't login. I have seen vmoddomlimits and vmoduser but i'm able only to disable the IMAP global. I can disable webmail access for sqwebmail with: /home/vpopmail/bin/vmoddomlimits -g w skye.it and /home/vpopmail/bin/vmoduser -w skye.it (what is the difference?) /home/vpopmail/bin/vmoduser -i skye.it should disable IMAP access but not for Webmail, but for me dont'work. What is wrong? Hi, Attached is a patch for courier-imap that you may have to manually add as I forget what version it's for that does exactly that. Thanks Rick, but this patch not work on my server with courier-imap-3.0.8 (with the new courierauthlib in incompatible). Thanks -- Alessio Cecchi ++ www.skye.it
Re: [vchkpw] How disable non-webmail IMAP access?
Jason Wilkinson ha scritto: Alessio Cecchi wrote: I have a server with qmail+vpopmail 5.4.10, courier-imap 4.0.2, sqwebmail 5.0.1 and horde. I need to disable the IMAP access but no the webmail access. In fact if i disable IMAP, with horde can't login. I have seen vmoddomlimits and vmoduser but i'm able only to disable the IMAP global. I can disable webmail access for sqwebmail with: /home/vpopmail/bin/vmoddomlimits -g w skye.it and /home/vpopmail/bin/vmoduser -w skye.it (what is the difference?) /home/vpopmail/bin/vmoduser -i skye.it should disable IMAP access but not for Webmail, but for me dont'work. What is wrong? Can you use iptables to firewall access to that port from anywhere other than your horde server? No because the goal of vpopmail limits is to set the limits for domain or single user. Thanks -- Alessio Cecchi ++ www.skye.it
Re: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: I have a server with qmail+vpopmail 5.4.10, courier-imap 4.0.2, sqwebmail 5.0.1 and horde. I need to disable the IMAP access but no the webmail access. In fact if i disable IMAP, with horde can't login. I have seen vmoddomlimits and vmoduser but i'm able only to disable the IMAP global. I can disable webmail access for sqwebmail with: /home/vpopmail/bin/vmoddomlimits -g w skye.it and /home/vpopmail/bin/vmoduser -w skye.it (what is the difference?) /home/vpopmail/bin/vmoduser -i skye.it should disable IMAP access but not for Webmail, but for me dont'work. What is wrong? Hi, Attached is a patch for courier-imap that you may have to manually add as I forget what version it's for that does exactly that. Regards, Rick --- preauthvchkpw.c.ori Tue Nov 23 09:52:52 2004 +++ preauthvchkpw.c Tue Nov 23 09:55:42 2004 @@ -57,6 +57,15 @@ static char User[256]; static char Domain[256]; +/* IMAP connections from the following IPs will be classified as +* "web mail" instead of IMAP. On single-server networks, this +* will typically be just 'localhost'. For clusters, add the IP +* addresses of all webmail servers. +*/ +char *webmailips[] = { "127.0.0.1" }; +char*IpAddr; +int i; + /* Make sure the auth struct is empty */ memset(&auth, 0, sizeof(auth)); @@ -92,6 +101,19 @@ dprintf("vchkpw: user does not exist"); return (-1); } + + /* Check for local connection and change imap or pop +* to webmail + */ + +if ( (IpAddr = get_remote_ip()) == NULL) IpAddr=""; + +for (i = 0; i < (sizeof(webmailips)/sizeof(webmailips[0])); i++) { +if (strcmp (IpAddr, webmailips[i]) == 0) { +strcpy(service,"webmail"); +break; +} +} /* Look at what type of connection we are trying to auth. * And then see if the user is permitted to make this type
RE: [vchkpw] How disable non-webmail IMAP access?
Alessio Cecchi wrote: > I have a server with qmail+vpopmail 5.4.10, courier-imap 4.0.2, > sqwebmail 5.0.1 and horde. > > I need to disable the IMAP access but no the webmail access. In fact > if i disable IMAP, with horde can't login. > > I have seen vmoddomlimits and vmoduser but i'm able only to disable > the IMAP global. > > I can disable webmail access for sqwebmail with: > > /home/vpopmail/bin/vmoddomlimits -g w skye.it > and > /home/vpopmail/bin/vmoduser -w skye.it > (what is the difference?) > > > /home/vpopmail/bin/vmoduser -i skye.it should disable IMAP access but > not for Webmail, but for me dont'work. > > What is wrong? Can you use iptables to firewall access to that port from anywhere other than your horde server?