Restrict imap usage

DaMick

Verified User
Joined
Sep 23, 2006
Messages
18
Location
BE
Hi,

I would like to know if it is possible to restrict the imap usage in DA? Let's say I only want a few users to be able to use imap or pop, and the rest should only be able to use pop, how can I accomplish this?

A expect that there will be other users here that work the same way like I would like to work.

Thanks in advance.
 
If you're not using Dovecot, it should be possible, because the POP daemon and the IMAP daemon can easily be pointed to separate authentication methods. If you are using Dovecot, it would depend on whether or not Dovecot allows separate authentication methods for POP and IMAP.

But even without Dovecot, it won't be easy. You'll have to create a new authentication system from scratch, perhaps maintaining it with post-creation script and allowing access to it through some kind of custom plugin.

I don't see it as impossible, but neither do I see it as any kind of a quick project.

Jeff
 
thank you for the replay jlasman. I'm using Dovecot, and on their wiki, I found this (wich will become extremely helpfull) Restricting Access

So, reading the PAM section, this can't be so hard to achieve right?
 
Well, I haven't read it, and I don't have time to read it now.

So I guess you'll be teaching us :).

Jeff
 
One thing to remember if you do this, you will most likely keep your users from using Webmail. I'm pretty certain that SquirrelMail and Roundcube connect to the user's mailbox via an IMAP connection.
 
Perhaps there's a way to allow IMAP access through localhost but not through external IP#s?

Jeff
 
That also would be a possibility. And a good one to (as jlandes mentioned, squirrelmail and roundcube wont work anymore if you don't have imap access).

But restricting it only to use localhosthost ist sufficient enough. What if someone wants to recieve his imap mails in his mail client? (I prefere using Thunderbird for reading/sending mails).

So it should be a combination of both: Only allow IMAP from localhost, unless a user has permission to access it externaly. I will need to do some research on how to accomplish this. I'm only a simple information architect with basic knowledge of system administration ;)
 
Back
Top