Dmitriy Kirhlarov wrote:
On Thu, Apr 26, 2007 at 12:07:20PM +0400, Dmitriy Kirhlarov wrote:
On Thu, Apr 26, 2007 at 12:14:13PM +0530, ram wrote:
On our cyrus server some users need access from office as well as from
outside our LAN. So we nat the imap port on our firewall and people are
able to access
But Contract employees need not access mails from outside the office.
How can I allow access for such users only from the office
Cyrus imapd doesn't have source ip filter feature, afaik and support
only one authorization group (ldap_filter).
With this reason you have to use some tric.
You need to configure two access groups and two cyrus servers (with
replication or murder configuration) and use different groups on this
servers.
Possible, some imap proxy can be configured for using second group.
O-ops.. :)
cyrus.conf:
...
SERVICES {
public cmd="imapd -C /public.imapd.conf" listen=public_ip:imap
private cmd=imapd listen=private_ip:imap
}
That doesn't fix the problem because you can't say which user can log in
on what interface.
But you could maybe do it like this:
two different imapd.confs. In one of them you use a different saslauthd
(if you would be using this) socket. And run a second saslauthd with
different config.
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert Rudy.Gevaert@xxxxxxxx tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office
Groep Systemen Systems group
Universiteit Gent Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
