Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm using Postfix and UW-IMAP and I'm trying to find out if it is possible to limit certain users from gaining access to their email from outside of the LAN. Some users though need to be able to get their email from the WAN so I cant just shut everything off to the outside world. Most likely all of these users will be using webmail only.
Take for instance Tom, he needs to gain access to his email when he is in Europe and at the office (most likely using webmail), while Cindy doesn't travel and has no business downloading company email onto her home computer.
My twitch reaction is to take away Cindy's home computer. She obviously can't be trusted.
Back to the topic - you could probably build this into your webmail software as part of the authentication system. If you used something like LDAP you could probably add a record regarding WAN access (yes/no) on a per-user basis. This would mean that you wouldn't have to add an extra layer (ie another auth screen before regular login)
A lot of the above depends on which auth scheme you use and which webmail server you're using.
Webmail used would be squirrelmail. But the problem is the users would still be able to gain access though IMAP even if I could figure out a way to do this through the webmail program. Im guessing the only way to controll this would be through IMAP. Am I wrong here?
Only local. Anything done Over the WAN I would like to be webmail. I guess what you are about to say is to block IMAP connections from comeing through the firewall, this should not effect webmail at all. But I still have the same problem of how to limit some users (not all users) from gaining access through their webmail account from over the WAN.
Im not sure if this will do it for me. http://www.squirrelmail.org/plugin_view.php?id=106
Plugins - IP address and username restrictions
Looks like I can restrict per user and ip address. Not sure if this will work or not. I will give it a try.
Ok this works kind of. What I need is to specify the whole LAN IP range (192.168.36.1-192.168.36.255) and just not 1 IP address. Some of the users might need to move around to different computers on the LAN.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.