Hi,
The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication
for SMTP service.
We have the following configuration in auth-ldap.conf.ext to deny some users for
LDAP auth.
passdb {
args = /etc/dovecot/deny.smtp
driver = passwd-file
deny = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
And now we want to change the mechanism and only users in the list can send to
LDAP auth and deny all others:
passdb {
args = /etc/dovecot/allow.smtp
driver = passwd-file
deny = no
result_failure = return-fail
result_internalfail = return-fail
result_success = continue-fail
}
passdb {
# Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
Since we do not have the users? password in the plain text file ?allow.smtp?,
the authentication process will fail and exit in the first passdb.
Anyone can help to advice how to configure dovecot to have a whitelist for user
LDAP authentication? Thank you very much.
Best regards,
William Pang
Academic Computing and Technology Services Section
Information and Communication Technology Office
University of Macau
Tel: 8822 8407
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180713/686943b3/attachment.html>
Am 13.07.2018 um 10:30 schrieb whpang:> Hi, > > The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication for SMTP service.[ ... ]> Anyone can help to advice how to configure dovecot to have a whitelist for user LDAP authentication? Thank you very much. > > Best regards, > William Pang > > Academic Computing and Technology Services Section > Information and Communication Technology Office > University of Macau > Tel: 8822 8407Define an LDAP attibute which stands for "being allowed to submit" and set your LDAP filter accordingly. Alexander
%s flag should be very useful for this. See? https://wiki.dovecot.org/Authentication/RestrictAccess ---Aki TuomiDovecot oy -------- Original message --------From: Alexander Dalloz <ad+lists at uni-x.org> Date: 13/07/2018 17:50 (GMT+02:00) To: dovecot at dovecot.org Subject: Re: Whitelist file for LDAP authentication Am 13.07.2018 um 10:30 schrieb whpang:> Hi, > > The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication for SMTP service.[ ... ]> Anyone can help to advice how to configure dovecot to have a whitelist for user LDAP authentication? Thank you very much. > > Best regards, > William Pang > > Academic Computing and Technology Services Section > Information and Communication Technology Office > University of Macau > Tel: 8822 8407Define an LDAP attibute which stands for "being allowed to submit" and set your LDAP filter accordingly. Alexander -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20180713/3d279f43/attachment.html>