HI,


Actually my requirement is to deny all access to mailbox for a particular user apart from a specific ip [ eg his laptop ip address].

can we achieve this goal by using access control in postfix or do we have any alternative for the same..

Hope am clear in explaining my requirement.let me know if i missed any details to be provided.

Thanks,
prasanth George

You'll be wanting to configure your POP/IMAP server then - not postfix.

1 members found this post helpful.

As with some of your other threads, you have provided next to none of the details needed. You still don't say what version/distro of Linux, how this user is accessing the mail system (web? client? which one?), if this is from your internal network or via an external network (VPN? Internet?), or what mail system you're using.

You can use fail2ban, ossec, or iptables to allow traffic from one address to one port. Postfix has options to limit connections. Again, since you provide no useful details, we can't tell you which would be best or how to implement them.

Thanks for your prompt reply.

in googling we found 1 option for our requirement.

"It's possible to allow a user to authenticate only from a specific IP or network. This is especially useful for master users. This can be done by returning allow_nets extra field in passdb."

"
my pass_attrs looks this:

pass_attrs = =user=%{ldap:uid}, \
=allow_nets=%{ldap:allownets} "

how we do this , which file we should modify as we are using openldap in our scenario.


Thanks,
Prasanth George.

AGAIN, you are STILL not providing ANY DETAILS:

• Version/distro of Linux
• What kind of client are you using?
• How are the clients coming in?
• Internal or external network?
• Postfix or sendmail?

Again, as with other threads you've posted, you don't provide details, and still aren't, even though you were asked to. Unless you answer the questions people are asking, there's no way anyone is going to be able to help. The only additional thing you're saying now is you're using openLDAP. And since you found ONLY ONE hit on Google (unlikely), you don't even share that link with us, so we can know what you've looked at, and what context the two lines you posted are in.

1 members found this post helpful.

Sorry for not mentioning detils clearly.

Version/distro of Linux : clearos 5.2 [http://www.clearfoundation.com/Software/overview.html]
What kind of client are you using?: smb client
How are the clients coming in? [not understood queation clearly]
Internal or external network? internal network
Postfix or sendmail? postfix

openldap version :2.4.12


Thanks,
Prasanth George

You were asked several times for the details, but didn't provide them...this is no different than several of your other threads, where you ALSO didn't provide details when asked (if at all). ClearOS 5.2 is old, but appears to be supported.
No, sorry..you are NOT using Samba to check your email. To be more clear, WHAT KIND OF EMAIL CLIENT are you using?????
Again, re-read the questions first asked of you: are they coming in over the Internet, VPN, etc.???
That makes things much simpler.
...and, as said before in post #3, you can use fail2ban, ossec, or iptables to allow traffic from one address to one port. Postfix has options to limit connections. Please read the replies that you get. Did you actually TRY any of those methods? Did you try looking at the postfix options, which are clearly in the postfix manual?????

A brief search pulls up:
http://www.postfix.org/RESTRICTION_CLASS_README.html

Did you try looking at the documentation first?