[Dovecot] restricting access by reverse domain name
Timo Sirainen
tss at iki.fi
Mon Aug 9 18:18:52 EEST 2010
On Mon, 2010-08-09 at 10:55 -0400, Phil Howard wrote:
> Is there a feature or plugin to restrict access to IMAP/POP service by
> the domain name in reverse lookup?
With v2.0 you could use tcp-wrappers.
> It would be even better if this
> restriction can exclude certain users (e.g. some users can access IMAP
> from certain networks but other users cannot).
Then you need to check this during authentication. What passdb do you
use? There is
http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets but it
doesn't do reverse DNS lookups. For that you'd need to a) use passdb pam
with some PAM plugin, b) use passdb checkpassword with your own script,
c) add some new code to Dovecot or create a plugin.
More information about the dovecot
mailing list