Andrew Obertas
2013-Nov-21 22:24 UTC
[Dovecot] Locking down master user to certain domains through passwd-file auth
Hello,

I know it is possible to lock down a master user to only have access to certain domains through SQL login but I was wondering if the same was possible with a passwd-based system. I currently have a master-passwd file residing in the /etc/virtual/domain.com/ directories I want the master user to be able to log in to. Is there a way to tell passdb to only allow the master user login to proceed if they can auth to the master-passwd file in the same folder as the user? Alternatively, is there a better way to go about this?

What I assumed would be the easy approach, where the domain from the user's e-mail is fetched, doesn't seem to work as %d fetches the master user's domain and, unless I'm doing something wrong, the login_domain variable cannot be used as this is outside Dovecot-auth.

Any assistance with this would be appreciated.

--
Best regards,
Andrew Obertas
Technical Support Representative
Infinet Communications Group
Timo Sirainen
2013-Dec-08 21:47 UTC
[Dovecot] Locking down master user to certain domains through passwd-file auth
On 22.11.2013, at 0.24, Andrew Obertas <andrew at infinet.net> wrote:

> Hello,
>
> I know it is possible to lock down a master user to only have access to certain domains through SQL login but I was wondering if the same was possible with a passwd-based system. I currently have a master-passwd file residing in the /etc/virtual/domain.com/ directories I want the master user to be able to log in to. Is there a way to tell passdb to only allow the master user login to proceed if they can auth to the master-passwd file in the same folder as the user? Alternatively, is there a better way to go about this?
>
> What I assumed would be the easy approach, where the domain from the user's e-mail is fetched, doesn't seem to work as %d fetches the master user's domain and, unless I'm doing something wrong, the login_domain variable cannot be used as this is outside Dovecot-auth.

What do you mean outside Dovecot-auth? Master user login is done in auth process. %{login_domain} should work I think..
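
An added example, not part of either post: a Dovecot passdb layout that follows the %{login_domain} suggestion above, with the unrestricted single-file form shown commented out for contrast. It assumes Dovecot 2.2-era passdb syntax; the global master file path and the per-domain user file name `passwd` are assumptions, while `/etc/virtual/<domain>/master-passwd` is the layout described in the question.

```conf
# Added illustration; Dovecot 2.2-era syntax assumed.
# Master login takes the form "user@domain.com*masteruser" with the
# master user's password.
auth_master_user_separator = *

# Unrestricted form (for contrast): one global file, so every master
# user listed in it can log in as any user in any domain.
# The path below is an assumption.
#passdb {
#  driver = passwd-file
#  master = yes
#  args = /etc/dovecot/master-passwd
#  pass = yes
#}

# Per-domain form: during the master passdb lookup %d refers to the
# master user's own domain, while %{login_domain} is the domain of the
# user being logged in as. The master user is therefore checked only
# against the master-passwd file in the target user's domain directory.
passdb {
  driver = passwd-file
  master = yes
  args = /etc/virtual/%{login_domain}/master-passwd
  # After the master user authenticates, continue to the normal passdb
  # so that the target user must actually exist.
  pass = yes
}

# Normal user passdb. By this point the lookup is for the target user,
# so %d is the target user's domain. The file name "passwd" is an
# assumption.
passdb {
  driver = passwd-file
  args = /etc/virtual/%d/passwd
}
```

With this layout a domain directory that has no master-passwd file, or one that does not list the master user, gives that master user no login to the domain's mailboxes.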