thr3ads.net - dovecot - [Dovecot] Problem with PAM, vpopmail and Roundcube [Oct 2013]

If this information is useful, please help other people find it:
Share via:

ede at ede.com.ec

2013-Oct-12 22:01 UTC

[Dovecot] Problem with PAM, vpopmail and Roundcube

Hello,

I have a problem to which I have not been able to find a solution by 
myself or online.

I have Dovecot running together with Qmail on a CentOS server. I need 
to be able to control which users are allowed IMAP access and at the 
same time allow IMAP access for all users when the requests are coming 
from a specific IP.

My problem has two parts, detailed below.

-----------------------------------------------------------
1. PAM not working to allow access only for specified users
-----------------------------------------------------------

Right now I am controlling IMAP access with [vmoduser -i] in Qmail 
which is not what I want. I need the IMAP access to be closed for 
everyone and then specify which users are allowed to access. I tried 
using [pam.d] for this as per 
http://wiki.dovecot.org/Authentication/RestrictAccess but although I am 
not getting any errors, all users are still allowed access unless I 
block them with [vmoduser -i].

In [dovecot.conf] I have:
passdb pam {
   args = *
}

In [/etc/pam.d/imap] I have:
auth required pam_listfile.so item=user sense=allow file=/etc/imapusers 
onerr=fail

And in [/etc/imapusers] I have specified the only users that should 
have access.

Any ideas why this isn't working?

-------------------------------------------------------
2. Allow access for all users coming from a specific IP
-------------------------------------------------------

I have a Roundcube installation running on an external server and I 
need *all* my users to be able to use the Webmail regardless if they 
have IMAP or only POP access from their computer or mobile devices.

Using PAM I tried in [/etc/pam.d/imap]:
auth required pam_listfile.so item=user sense=allow file=/etc/imapusers 
onerr=fail
allow_nets=127.0.0.0/8,192.168.0.0/16,1.2.3.4

...where the webmail installation would be installed at IP [1.2.3.4]. 
But no luck!

-------------------------------------------------------

Please - if there are anyone with ideas I could really use them. I have 
been going around in circles for the last couple of weeks and I don't 
know what to do!

Sincerely,
Daniel

Daniel Parthey

2013-Oct-12 22:40 UTC

head link

[Dovecot] Problem with PAM, vpopmail and Roundcube

Hi Daniel

possibly http://wiki2.dovecot.org/PostLoginScripting is the right wiki article
for you.

It describes how to block a user depending on username and/or IP.

Regards
Daniel

Possibly Parallel Threads

Search for more apparently analagous threads

dovecot - Oct 2013 - Problem with PAM, vpopmail and Roundcube

[Dovecot] Problem with PAM, vpopmail and Roundcube

[Dovecot] Problem with PAM, vpopmail and Roundcube

Possibly Parallel Threads