Sam Varshavchik wrote:
Rick Weinbender writes:
Is there a way to disable sqwebmail for certain users?
Change their password.
What if I wanted the user to be able to access their mail from a
standard Mail Client such as Mozilla, but disable them from accessing
their mail via sqwebmail from their browser.
*
I have sqwebmail running with qmail, so if I change the password, I believe
they couldn't get their mail at all. Isn't that right?
*
Anyway, this is not a burning issue for me, I was just curious.
Thanks,
-Rick
You could instead supply an extra field in MySQL or PgSQL if you use one of those authentication methods. Both of those authenticators allow for complete redefinition of the SQL "select" statement (or just adding an extra clause) in which you could require that a new field, e.g. "allowedservices", must contain the string "webmail", for the authentication to succeed.
Just define which services they are allowed to use in a new field, and check the value of the $(service) variable provided by authdaemon during auth requests. At least, I *believe* that "webmail" is the value it uses for the sqwebmail service's requests anyway. It could be slightly different though, if my memory is faulty.
Rick, the settings in case you're interested in finding them in the config files are: PGSQL_SELECT_CLAUSE for PgSQL, and MYSQL_SELECT_CLAUSE for MySQL, I believe. -- It's my impression that PGSQL_/MYSQL_WHERE_CLAUSE would both also support the $(service) variable, but I've never actually used the variable as part of the check, so I'm not 100% sure of the *_WHERE_CLAUSE support.
Of course, it only works with the SQL auth methods (and maybe LDAP??? I dunno)... but it would work nicely enough if you happen to use PgSQL for authentication like I do.
-James
