<br><br><div class="gmail_quote">On Tue, Jun 17, 2008 at 12:46 AM, Michael Menge <<a href="mailto:michael.menge@zdv.uni-tuebingen.de">michael.menge@zdv.uni-tuebingen.de</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,<br>
<br>
sasl does not pass the IP-Address to pam.<br>
<div><div></div><div class="Wj3C7c"></div></div></blockquote><div><br>Exactly!!!!! This is what is happening i guess... coz it takes <span style="color: rgb(255, 0, 0);">"ALL" as the token but doesnt react on IP addresses.. any guess how i can MAKE it work?? </span><br style="color: rgb(255, 0, 0);">
<br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">Any link on this??</span><br style="color: rgb(255, 0, 0);"><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">regards,</span><br style="color: rgb(255, 0, 0);">
<span style="color: rgb(255, 0, 0);">Ashay.</span><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div class="Wj3C7c"><br>
<br>
<br>
Quoting Ashay Chitnis <<a href="mailto:chitnis.ashay@gmail.com">chitnis.ashay@gmail.com</a>>:<br>
<br>
> Dear All,<br>
><br>
> I need to access pop and imap on user based IP level restrictions. I found<br>
> pam to be best suited for this service level restriction. The restriction<br>
> will be as below.<br>
><br>
> User pqr should be allowed POP from IPADDR-1<br>
> User B should be allowed IMAP from IPADDR-2<br>
> User C should be allowed POP and IMAP from IPADDR-3<br>
><br>
> and so on.<br>
><br>
> To achieve this below settings are done in /etc/pam.d/pop<br>
><br>
><br>
> cat /etc/pam.d/pop<br>
> auth required /lib/security/pam_ldap.so<br>
> account required /lib/security/pam_access.so debug<br>
> accessfile=/usr/local/etc/popaccess.conf<br>
> account required /lib/security/pam_ldap.so<br>
><br>
><br>
> cat /usr/local/etc/popaccess.conf<br>
><br>
> +:pqr:<a href="http://192.168.2.66/32" target="_blank">192.168.2.66/32</a><br>
><br>
> OR<br>
><br>
> -:pqr:ALL EXCEPT <a href="http://192.168.2.66/32" target="_blank">192.168.2.66/32</a><br>
><br>
><br>
> But this does not see to be working as it is not yielding desired effect<br>
> even after restarting saslauthd and cyrus..<br>
><br>
><br>
> Kindly guide me through..<br>
><br>
> regards<br>
> Ashay<br>
><br>
<br>
<br>
<br>
</div></div>--------------------------------------------------------------------------------<br>
M.Menge Tel.: (49) 7071/29-70316<br>
Universitaet Tuebingen Fax.: (49) 7071/29-5912<br>
Zentrum fuer Datenverarbeitung mail:<br>
<a href="mailto:michael.menge@zdv.uni-tuebingen.de">michael.menge@zdv.uni-tuebingen.de</a><br>
Waechterstrasse 76<br>
72074 Tuebingen<br>
<br>
----<br>
Cyrus Home Page: <a href="http://cyrusimap.web.cmu.edu/" target="_blank">http://cyrusimap.web.cmu.edu/</a><br>
Cyrus Wiki/FAQ: <a href="http://cyrusimap.web.cmu.edu/twiki" target="_blank">http://cyrusimap.web.cmu.edu/twiki</a><br>
List Archives/Info: <a href="http://asg.web.cmu.edu/cyrus/mailing-list.html" target="_blank">http://asg.web.cmu.edu/cyrus/mailing-list.html</a><br>
</blockquote></div><br>