limit auth to IP
Andreas Winkelmann
ml at awinkelmann.de
Sat Oct 14 16:55:35 EDT 2006
Am Wednesday 11 October 2006 13:51 schrieb Martin G.H. Minkler:
> Is it possible to make a decision whether to offer authentication to a
> user based on the querying source IP address?
>
> One of the customers is picking up all mail for ~70 users with an
> exchange server and plain text POP3 while using criminally simple
> passwords, so we would like to limit the logins for just those accounts
> to the IP address of that exchange server.
>
> Of course this cannot happen on a firewall level as other customers have
> to be able to log in from any arbitrary source IP and OTOH iptables
> can't look into the packets to parse the username :-)
Create two imapd/pop3d's with diffrent Configurations on two IP-Addresses or
other Ports. And here comes iptables in the game. You can create
iptables-Rules, where you redirect access from the IPs to these Ports. Or
just let the Customers use these Ports and block other Traffic.
--
Andreas
More information about the Cyrus-sasl
mailing list