On Dec 3, 2007 7:36 AM, Marc Cuypers <[EMAIL PROTECTED]> wrote: > Hi, > > When using dovecot for authentication of an SASL (postfix) request, i > cannot use the allow_nets parameter. The IP-address of the requester is > not known in dovecot. > > I would like to allow sasl for certain users, others are not allowed to > access via SASL. > Some users can have access to imap and pop3 from certain IP-addresses. > > How could i combine this in then dovecot configuration? > > -- > Best regards, > > Marc >
You can do this in postfix main.cf using the smtpd_sasl_exceptions_networks parameter. Normally this parameter lists networks *not* allowed to use AUTH, but you can exempt certain hosts by proceeding them with a "!". Note that order matters, here; exceptions must come before the static:all entry. For example. to offer AUTH only to 192.0.2.0-192.0.2.255: # main.cf smtpd_sasl_exceptions_networks = !192.0.2.0/24 static:all See also http://www.postfix.org/postconf.5.html#smtpd_sasl_exceptions_networks Or for an alternative method: http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps -- Noel Jones
