It would be great to have a HOWTO in the wiki, on how to restrict
services by username in dovecot, so some users are allowed IMAP
and others not allowed.
As concerns restricting users by IP, I believe that is a bad idea.
It's almost a useless idea, imnsho, because they can connect from
another IP.
It's easy to restrict services by IP using a firewall or by using
inetd.
-Wash
http://www.netmeister.org/news/learn2quote.html
DISCLAIMER: See http://www.wananchi.com/bms/terms.php
--
+======================================================================+
|\ _,,,---,,_ | Odhiambo Washington <wash at wananchi.com>
Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com
|,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922
'---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733
744121
+======================================================================+
Don't take life too seriously -- you'll never get out of it alive.
Odhiambo WASHINGTON wrote:> It would be great to have a HOWTO in the wiki, on how to restrict > services by username in dovecot, so some users are allowed IMAP > and others not allowed. > > As concerns restricting users by IP, I believe that is a bad idea. > It's almost a useless idea, imnsho, because they can connect from > another IP. > It's easy to restrict services by IP using a firewall or by using > inetd.That can be done, at least, with a SQL passwd db, see: http://wiki.dovecot.org/Authentication/RestrictAccess -- Rui Lopes
Hello Odhiambo, Odhiambo WASHINGTON, 24.08.2006 (d.m.y):> As concerns restricting users by IP, I believe that is a bad idea. > It's almost a useless idea, imnsho, because they can connect from > another IP. > It's easy to restrict services by IP using a firewall or by using > inetd.IMO it would be great if dovecot could use tcpd/libwrap... Regards, Christian Schmidt -- Eine Reise beginnt mit einem einzigen Schritt. -- Chinesisches Sprichwort