Posfix access control restriction for a specific user
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
HI,
Actually my requirement is to deny all access to mailbox for a particular user apart from a specific ip [ eg his laptop ip address]. can we achieve this goal by using access control in postfix or do we have any alternative for the same..
Hope am clear in explaining my requirement.let me know if i missed any details to be provided.
As with some of your other threads, you have provided next to none of the details needed. You still don't say what version/distro of Linux, how this user is accessing the mail system (web? client? which one?), if this is from your internal network or via an external network (VPN? Internet?), or what mail system you're using.
You can use fail2ban, ossec, or iptables to allow traffic from one address to one port. Postfix has options to limit connections. Again, since you provide no useful details, we can't tell you which would be best or how to implement them.
You'll be wanting to configure your POP/IMAP server then - not postfix.
Thanks for your prompt reply.
in googling we found 1 option for our requirement.
"It's possible to allow a user to authenticate only from a specific IP or network. This is especially useful for master users. This can be done by returning allow_nets extra field in passdb."
Thanks for your prompt reply.
in googling we found 1 option for our requirement.
"It's possible to allow a user to authenticate only from a specific IP or network. This is especially useful for master users. This can be done by returning allow_nets extra field in passdb."
how we do this , which file we should modify as we are using openldap in our scenario.
AGAIN, you are STILL not providing ANY DETAILS:
Version/distro of Linux
What kind of client are you using?
How are the clients coming in?
Internal or external network?
Postfix or sendmail?
Again, as with other threads you've posted, you don't provide details, and still aren't, even though you were asked to. Unless you answer the questions people are asking, there's no way anyone is going to be able to help. The only additional thing you're saying now is you're using openLDAP. And since you found ONLY ONE hit on Google (unlikely), you don't even share that link with us, so we can know what you've looked at, and what context the two lines you posted are in.
Version/distro of Linux : clearos 5.2 [http://www.clearfoundation.com/Software/overview.html]
What kind of client are you using?: smb client
How are the clients coming in? [not understood queation clearly]
Internal or external network? internal network
Postfix or sendmail? postfix
openldap version :2.4.12
Thanks,
Prasanth George
Quote:
Originally Posted by TB0ne
AGAIN, you are STILL not providing ANY DETAILS:
Version/distro of Linux
What kind of client are you using?
How are the clients coming in?
Internal or external network?
Postfix or sendmail?
Again, as with other threads you've posted, you don't provide details, and still aren't, even though you were asked to. Unless you answer the questions people are asking, there's no way anyone is going to be able to help. The only additional thing you're saying now is you're using openLDAP. And since you found ONLY ONE hit on Google (unlikely), you don't even share that link with us, so we can know what you've looked at, and what context the two lines you posted are in.
Sorry for not mentioning detils clearly.
Version/distro of Linux : clearos 5.2
You were asked several times for the details, but didn't provide them...this is no different than several of your other threads, where you ALSO didn't provide details when asked (if at all). ClearOS 5.2 is old, but appears to be supported.
Quote:
What kind of client are you using?: smb client
No, sorry..you are NOT using Samba to check your email. To be more clear, WHAT KIND OF EMAIL CLIENT are you using?????
Quote:
How are the clients coming in? [not understood queation clearly]
Again, re-read the questions first asked of you: are they coming in over the Internet, VPN, etc.???
Quote:
Internal or external network? internal network
That makes things much simpler.
Quote:
Postfix or sendmail? postfix openldap version :2.4.12
...and, as said before in post #3, you can use fail2ban, ossec, or iptables to allow traffic from one address to one port. Postfix has options to limit connections. Please read the replies that you get. Did you actually TRY any of those methods? Did you try looking at the postfix options, which are clearly in the postfix manual?????
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.