Refusing users without a mailbox?
Paul van der Vlis
paul at vandervlis.nl
Tue Mar 11 10:06:54 EDT 2008
Hello,
A customer is using a system with a mailserver and a FTP-server on one
machine.
Now a FTP-user found out, that he can login with his FTP-username and
password into the webmail (Horde/IMP), and send mail.
FTP-users do not have a mailbox. Is there a way to make the
authentication "not OK" for users without a mailbox?
Or only "OK" for users who are member of a group?
I am using Cyrus with saslauthd, PAM and the traditional Unix
authentication mechanism (pam_unix.so).
With regards,
Paul van der Vlis.
--
http://www.vandervlis.nl/
More information about the Info-cyrus
mailing list