Refusing users without a mailbox?

Paul van der Vlis paul at
Tue Mar 11 10:06:54 EDT 2008


A customer is using a system with a mailserver and a FTP-server on one

Now a FTP-user found out, that he can login with his FTP-username and
password into the webmail (Horde/IMP), and send mail.

FTP-users do not have a mailbox. Is there a way to make the
authentication "not OK" for users without a mailbox?
Or only "OK" for users who are member of a group?

I am using Cyrus with saslauthd, PAM and the traditional Unix
authentication mechanism (

With regards,
Paul van der Vlis.


More information about the Info-cyrus mailing list