Displaying 20 results from an estimated 200 matches similar to: "Per user based protocol access and pause after failed login?"
2006 Sep 30
2
Dovecot accepts squirrelmail, rejects fetchmail
Hello,
this is a follow-up to the thread "Fetchmail can't talk to dovecot"
http://www.dovecot.org/list/dovecot/2006-September/016477.html
Increasing the log level I get this in the log filed:
Sep 30 15:04:19 fm dovecot: Dovecot v1.0.rc7 starting up
Sep 30 15:04:22 fm dovecot: auth(default): passwd-file /etc/dovecot_user_file: Read 1 users
Sep 30 15:05:05 fm dovecot: auth(default):
2013 May 29
1
Enable IMAP only for certain users/IP
Hi,
I'm trying to config dovecot to enable IMAP protocol only for certain
IPs and users.
The logical steps I've followed are:
1. If a user is trying to login from an IP that I've authorized (
listed in a file) the request is authorized.
2. If not, if the user is listed in a second file the request is
authorized.
3. If also this check fails the request is rejected.
I'm using PAM
2018 Aug 07
2
id <username> - doesnt list all groups
Hello,
my enviroment:
All Servers are Ubuntun 16.04-18.04
SAMBA AD DC Server and several SAMABA DOMAIN MEMBER (connected via
WINBIND). In ADDC I've created a group "restrictaccess" and added some
users.
Now when im typing "id <username>" on a Domain Member, for some users
the group "restrictaccess" are listed for some not!
For example:
ON DC:
#
2007 Jul 19
2
fine-grained user authentication support
Hi,
I'm wondering if it's possible to have some users restricted to only
login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a
particular field with the userdb sql query (protocols=imaps did not
work), perhaps setting up a different passdb? Is this possible with
dovecot?
-Adam
2018 Aug 07
2
id <username> - doesnt list all groups
Thank for your answer:
But i dont know understand why is following not working:
I want to restrict the ssh access for a special domain member:
In my "sshd_config" i added:
AllowGroups restrictaccess root
With user2 im able to login via ssh!
log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE
With user1 im not!
log: User user1 from 192.168.0.100 not allowed
2008 Feb 14
3
Restrict user on IMAP or POP
Hey guys,
Is it possible to deny a user on POP or IMAP! For example, on the
primary server we use POP3 and IMAP but how I can force a user to use
POP3 and be unable to authenticate on IMAP ?
Thanks
Sebastien
2010 Feb 06
2
pop3 quick question
Hello list,
I have found imap_allowed option in dovecot which do exactly what I need, for imap. Is there something similar for pop3 protocol?
The main goal for it - is to enable pop3 access to specific users.
Or maybe dovecot have some 'pop3=yes' or 'imap=no' args to userdb/passdb sections ?
I know future dovecot 2.* versions will support rewriting for protocols, but this is
2015 Sep 17
3
restrict map-login by geoip?
Is there a way to restrict my user logins from a set of IPs? For example, all my users are in the US so there shouldn't be any logins from other countries. Can I tell dovecot to restrict logins to a CIDR list of US IPs? Can someone point me to docs on how to set this up? I've searched but haven't found how to accomplish this.
Thanks,
-Terry
Terry Barnum
digital OutPost
2012 Aug 16
2
dovecot 2.1 Master account Error
HI
I am running parallel dovecot 1.2 for main accounts and 2.1 for test
accounts, and for some reason when i try to login with master user on
dovecot 2.1 service errors.
However the normal user logins and rest works flawlesly
Here is the debug
Aug 16 15:15:56 mailstore-node-02 dovecot: auth: Debug: auth client
connected (pid=27557)
Aug 16 15:15:56 mailstore-node-02 dovecot: auth: Debug: client
2016 May 18
2
mailbox.auto ignores dovecot-uidlist.lock
On 2016-05-18 11:52, Aki Tuomi wrote:
> On 18.05.2016 12:44, Tom Sommer wrote:
>> I'm trying to lock down a maildir from modifications using
>> dovecot-uidlist.lock, but when a user with mailbox.auto = create logs
>> in, then the folder is created regardless of dovecot-uidlist.lock
>> existing or not.
>>
>> Is there no way to prevent dovecot from
2014 Feb 23
1
Detail improvement: %c variable
Hi,
although dovecot is great and almost exactly solving my problems and
fitting my requirements, there is an odd detail that causes me problems:
The %c variable. (See http://wiki2.dovecot.org/Variables )
I'm managing an IMAP server for an association, which is connected to an
LDAP server. Users can connect in three ways: IMAPS from the internet,
IMAP from local acccounts, and IMAP
2006 Dec 01
6
POP3 protection
I have some users that I will not allow to use POP3 thru my system, but
force them to use webmail.
Would it be possible to put an extra option in dovecot.conf to force this:
# -----------------------------------------------------------------
# Logon processes
# user = <username>,<password>
# -----------------------------------------------------------------
user =
2004 Oct 18
1
disable password authentication per user
I would like disable password authentication in sshd for particular users,
without locking their UNIX password, and without requiring all users to
use PubkeyAuthentication. I cannot find a documented way to accomplish
this in OpenSSH. Is it currently possible?
If not, I think this would be a very useful feature to add. I believe
that each user should have some control of which authentication
2012 Jul 14
2
Only allow connections if file (or special condition) is present
Hello!
I was wondering if it possible now (or possible to implement something like
that in the future) that the daemon does only accept connections if a
specific file is present at the moment of the connection request.
I want to achieve that a connection to my server is only possible if I plug
in e.g. an USB stick (which would contain the file) and is always rejected
if that
2004 Jun 06
2
Feature request?
I'd like to toss a feature request on the table for consideration. We
currently use a different popd because of a feature that allows us to
restrict pop access based upon an allowed users list. This is the only
thing that keeps us from using the popd in dovecot currently. It's a
simple text file of usernames that are allowed to use pop, if the name
isn't in that list then pop
2009 Jul 10
1
vsftpd not able to log in
Hi folks,
I can't seem to log into my system via
vsftpd. All other services using PAM are fine...Am I missing something simple?
ftp> user
(username) user
331 Please specify the password.
Password:
530 Login incorrect.
# getenforce
Permissive
here is the event in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0
2008 Feb 04
1
Strong security in user's accounts and paswords..
Hi, I have some databases running on CentOS4 with users accessing the
shell (bash), so I'd like to strong the security on my server in user's
accounts and passwords.. I mean, enforcing strong passwords, min/max age
passwords, locking passwords when you fail 3 times, and all this stuff.
Is there any package which do this work? Any tutorial?
Thanks in advance
Regards
Israel
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi,
I'm trying to use pam_listfile.so to deny logins from all others but few
users (names in /etc/loginusers). With password authentication it works
fine, but with public key authentication OpenSSH lets in users whose
names arent't in /etc/loginusers. AllowUsers in sshd_config does what
one would expect.
I'm using OpenSSH-3.0.2p1 on Debian testing (package version
1:3.0.2p1-6)
2008 Jan 18
1
Static list of users with passdb pam
Hi,
On my system, I want to provide imap access for some of the users listed
in /etc/passwd. The list of users should be provided by me, and should
just be a list in a text file. All the userdb options are static (uid,
gid, home directory). Unfortunately, I cannot think of a way to
configure Dovecot to do this. The closest I get is with:
passdb pam {}
userdb passwd-file {
args =
2010 Dec 27
3
Dovecot - AllowGroups option
Hi,
I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage.
Services like proftpd have:
"AllowGroup ftpgroup"
sshd have
"AllowGroups sshgroup"
And samba have
"valid users = @smbgroup"
But I can't find the correct