On 11/01/2011 20:10, Romer Ventura wrote:
-----Original Message-----
From: dovecot-bounces+rventura=h-st....@dovecot.org
[mailto:dovecot-bounces+rventura=h-st....@dovecot.org] On Behalf Of Simone
Caruso
Sent: Tuesday, January 11, 2011 12:18 PM
To: dovecot@dovecot.org
Subject: Re: [Dovecot] Denying authentication
What I would like to know is if there is any way that
I could deny access for users trying to access email via cellphones or
email clients outside the company. I can close everything since there
are a few users that need to get emails from outside the company via
cell phone of email clients.
I was thinking if there was a way to lets say create
a group in AD named: "remote-email" that will allow connection and
authentication from any network, any user not in that group will only
be able to authenticate if the source is 192.168.xx.xx/24.
Is this possible?
Read this:
http://wiki1.dovecot.org/PasswordDatabase/ExtraFields/AllowNets
--
Simone Caruso
IT Consultant
p.iva: 03045250838
Yeah, but again. There are certain users that will need to access their
email from outside our local networks. This would work for half of what I
would like to accomplish, the other half: "allow authentication for remote
users as long as they belong to certain LDAP group" or something similar is
what I am more interested on.
You can try using two userdb with different LDAP queries for each ldap group(see MultipleDatabases wiki page), but i
never tried something like this.
--
Simone Caruso
IT Consultant
+39 349 65 90 805
p.iva: 03045250838
