Let's take this to the dbmail-dev list...
The more I read about this issue, the more the apache way (also used by
proftpd) comes to mind.
Some users can do whatever they please:
<Protocol POP3 IMAP>
<Limit>
deny from all
allow from 127.0.0.1
require gid 1
require user anton
require user bernard
require user charlie
</Limit>
</Protocol>
only group_id=0 can do IMAP from limited network:
<Protocol IMAP>
<Limit>
deny from all
allow from 194.109.214.0/24
require gid 0
</Limit>
</Protocol>
reject delivery for disabled accounts:
<Protocol LMTP>
<Limit>
deny from all
require valid-account
</Limit>
</Protocol>
Of course this would have to be converted into sql tables etc...
I wouldn't mind comparing notes with Ryan on this one.
Jesse Norell wrote:
Proper support for capabilities is planned, and will be a nice
solution once there (not just a quick hack). For something trivial
like this, I would wholeheartedly recommend working within the existing
code, otherwise you end up having to maintain your own patch sets every
time you want to upgrade to a newer version of upstream source.
Right,... how do I allow pop/imap access from localhost only for
individual users while allowing from anywhere for some users, and thus
still listening on all interfaces?
Ah, I didn't catch that the first time... yeah, either make a hack
like you did, or begin work on the actual capabilities implimentation. :)
Related links:
http://www.dbmail.org/mantis/bug_view_advanced_page.php?bug_id=0000006
http://www.google.com/search?hl=en&lr=&q=site%3Amailman.fastxs.net+disable+capabilities&btnG=Search
(first 3 threads)
--
Jesse Norell
jesse @ kci.net
_______________________________________________
Dbmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
