Refusing users without a mailbox?
Patrick Boutilier
boutilpj at ednet.ns.ca
Tue Mar 11 12:12:35 EDT 2008
Paul van der Vlis wrote:
> Hello,
>
> A customer is using a system with a mailserver and a FTP-server on one
> machine.
>
> Now a FTP-user found out, that he can login with his FTP-username and
> password into the webmail (Horde/IMP), and send mail.
>
> FTP-users do not have a mailbox. Is there a way to make the
> authentication "not OK" for users without a mailbox?
> Or only "OK" for users who are member of a group?
You should be able to use pam_require
(http://www.splitbrain.org/projects/pam_require). Make a group for your
mail users and put the users in that group. Then configure
/etc/pam.d/imap (or wherever your pam config is located) to use
pam_require to require that users that want to log into Cyrus be in that
group.
>
> I am using Cyrus with saslauthd, PAM and the traditional Unix
> authentication mechanism (pam_unix.so).
>
> With regards,
> Paul van der Vlis.
>
>
>
>
More information about the Info-cyrus
mailing list