If your cyrus-imap server is exposed to the world then I doubt
if such a restriction is possible. However, if you allow mail
access to the server via some external interfaces (for example,
http interface via Imp), then you can restrict the ip addressess
that can access to it for imap services via tcpwrappers (or
ipchanins), there by achieving your objective.
__
Seva
Quoting Nicholas Blackaby <[EMAIL PROTECTED]>:
> Hello,
>
> I am wondering what is the simplest way to restrict admin access
> (both via cyradm and directly via IMAP) to just connections from
> certain specified hosts. As an example, how can I prevent the admin
> user ("cyradmin", say) authenticating successfully if they are not
> connecting from a certain host ("xx.xx.xx.xx", say)?
>
> We currently use PAM for authenticating users using LDAP
> I have tried using the pam_access PAM module but have not had
> any success with it. However, given that we are being advised to
> move away from PAM and instead use SASL-patched-for-LDAP, I
> was wondering if such host-based restrictions for certain users can
> be achieved within SASL (or the associated
> pwcheck_sasl_with_ldap type programs being touted at the
> moment)?
>
> For information: I am using Cyrus IMAP 2.0.12; SASL 1.5.24;
> RedHat 7.1.
>
> Thanks,
> Nick.
>
>
>
>
> --
> Nicholas Blackaby, ISD, UMIST.
> [EMAIL PROTECTED], 0161 200 3208
>
