Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Imap some users
« previous next »
Pages: [1]   Go Down

Imap some users

  • 5 Replies
  • 959 Views

Offline pleonazm

  • *
  • 12
  • +0/-0
    • http://www.beck.ro
Imap some users
« on: May 10, 2011, 10:40:16 AM »
Hello,
Is possible to permit IMAP only for some users?
I have a lot of users that configure himself email client with imap, and I don't want this, but for some users with phones email, I want to have access.
Thank you.
Logged

Offline Stefano

  • *
  • 10,894
  • +3/-0
Re: Imap some users
« Reply #1 on: May 10, 2011, 10:42:11 AM »
Quote from: pleonazm on May 10, 2011, 10:40:16 AM
I have a lot of users that configure himself email client with imap, and I don't want this

why?
Logged

Offline pleonazm

  • *
  • 12
  • +0/-0
    • http://www.beck.ro
Re: Imap some users
« Reply #2 on: May 10, 2011, 10:46:34 AM »
security reason (important emails), space on server, etc.
Logged

Offline mmccarn

  • *
  • 2,657
  • +10/-0
Re: Imap some users
« Reply #3 on: May 10, 2011, 01:01:40 PM »
You could give the POP3-only users very small disk quotas, and/or change the ports used by IMAP and only tell the new ports to the authorized IMAP users.

I don't see any way to restrict access by user in the docs for imapfront-auth
Logged

Offline pleonazm

  • *
  • 12
  • +0/-0
    • http://www.beck.ro
Re: Imap some users
« Reply #4 on: May 10, 2011, 01:19:30 PM »
Quote from: mmccarn on May 10, 2011, 01:01:40 PM
.. change the ports used by IMAP and only tell the new ports to the authorized IMAP users.

Great ideea, how to change port?,...and keep after restart?
Logged

Offline mmccarn

  • *
  • 2,657
  • +10/-0
Re: Imap some users
« Reply #5 on: May 13, 2011, 01:24:55 PM »
Hmmm -- I see your point.  /var/service/imaps/run is not templated.

What happens if you do this:
Code: [Select]
config setprop imaps status disabled
config set imaps-alt service TCPPort 1993 access public status enabled
db portforward_tcp set 1993 forward DestHost localhost DestPort 993
expand-template /etc/rc.d/init.d/masq
/etc/rc.d/init.d/masq restart
signal-event remoteaccess-update

This should do the following:
* disable any firewall rule for port 993 (which will prevent WAN traffic but not LAN traffic)
* create a new "service" (as far as the firewall is concerned) named imaps-alt allowing traffic on port 1993
* create a port forwarding rule from port 1993 to 993.
* rebuild /etc/rc.d/init.d/masq
* reset remote access rules.

If you're trying to restrict access for LAN users, you might need to use 'AllowHosts' or 'DenyHosts' instead of "status disabled" for the imaps service.  Learn more about configuring the firewall by clicking on the link below, then scrolling down to the table showing relevant db variables:
http://wiki.contribs.org/DB_Variables_Configuration#IPTables_firewall_.28masq.29

Undo these changes with:
Code: [Select]
config delete imaps-alt
db portforward_tcp delete 1993
config setprop imaps status enabled
expand-template /etc/rc.d/init.d/masq
/etc/rc.d/init.d/masq restart
signal-event remoteaccess-update
« Last Edit: May 13, 2011, 01:31:32 PM by mmccarn »
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Imap some users