Dan Pollock
2014-Apr-22 09:33 UTC
[Dovecot] Allowing non-SSL connections only for certain Password Databases
I'm trying to set up my system (using Dovecot 2.0.9) so that certain Password Databases are available over pop3 and imap and others are available over pop3s and imaps. In particular, I would like users to be able to connect without SSL to accounts set up in vpopmail, but to require SSL for system accounts. Is there a way to set "disable_plaintext_auth" to different values for different Password Databases? Is there another way to do it? Thank you, Dan
Urban Loesch
2014-Apr-22 13:31 UTC
[Dovecot] Allowing non-SSL connections only for certain Password Databases
Hi,> > Is there a way to set "disable_plaintext_auth" to different values for different Password Databases? Is there another way to do it? >Why do you not force SSL for all users? I have no idea how this could be made with different databases. I have only build a solution for all users stored in mysql. I'm able to force SSL for imap and pop3 on a per user basis with e.g.: ... password_query = SELECT password FROM users WHERE userid = '%u' AND allow_login = 'y' AND ( force_ssl = 'y' OR '%c' = 'secured'); ... Query adopted from: http://wiki2.dovecot.org/Authentication/RestrictAccess For available variables see: http://wiki2.dovecot.org/Variables As I just said, this works for me, but only for users stored in mysql. Regards Urban