As your restrictions are based on the imap/pop credentials, you would need to find servers that support such policies (or enhance existing ones). I am not aware of any servers that can do that.
You may be able to find servers that can bind to specific interfaces and then configure each instance to use a different authentication source. They must also lock the mailbox, so the two instances do not cause corruption by concurrent access. The only thing left then is provision the two authentication sources appropiately. 3rd option may be a protocl aware proxy server. /Allan
signature.asc
Description: Digital signature
