pam and pop issue.

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

pam and pop issue.

Ashay Chitnis
Dear All,

This is issue on POP rather pam and not on postfix.. though wanted to know if any one could guide..

I need to access pop and imap  on user based IP level restrictions. I found pam to be best suited for this service level restriction. The restriction will be as below.

User pqr should be allowed POP from IPADDR-1
User B should be allowed IMAP from IPADDR-2
User C should be allowed POP and IMAP from IPADDR-3

and so on.

To achieve this below settings are done in  /etc/pam.d/pop


cat /etc/pam.d/pop
auth    required        /lib/security/pam_ldap.so
account required  /lib/security/pam_access.so debug accessfile=/usr/local/etc/popaccess.conf
account required        /lib/security/pam_ldap.so


cat  /usr/local/etc/popaccess.conf

+:pqr:192.168.2.66/32

OR

-:pqr:ALL EXCEPT 192.168.2.66/32


But this does not see to be working as it is not yielding desired effect even after restarting saslauthd and cyrus..


Kindly guide me through..

regards
Ashay





Reply | Threaded
Open this post in threaded view
|

Re: pam and pop issue.

mouss-2
Ashay Chitnis wrote:
> Dear All,
>
> This is issue on POP rather pam and not on postfix.. though wanted to know
> if any one could guide..
>  

This is the postfix mailing list. if you have a pop problem, please ask
on your pop server list. if you have a pam issue, please ask on your OS
vendor list.

> I need to access pop and imap  on user based IP level restrictions. I found
> pam to be best suited for this service level restriction. The restriction
> will be as below.
>
> User pqr should be allowed POP from IPADDR-1
> User B should be allowed IMAP from IPADDR-2
> User C should be allowed POP and IMAP from IPADDR-3
>
> and so on.
>
> To achieve this below settings are done in  /etc/pam.d/pop
>
>
> cat /etc/pam.d/pop
> auth    required        /lib/security/pam_ldap.so
> account required  /lib/security/pam_access.so debug
> accessfile=/usr/local/etc/popaccess.conf
> account required        /lib/security/pam_ldap.so
>
>
> cat  /usr/local/etc/popaccess.conf
>
> +:pqr:192.168.2.66/32
>
> OR
>
> -:pqr:ALL EXCEPT 192.168.2.66/32
>
>
> But this does not see to be working as it is not yielding desired effect
> even after restarting saslauthd and cyrus..
>
>
> Kindly guide me through..
>
> regards
> Ashay
>
>