[prev in list] [next in list] [prev in thread] [next in thread]
List: cyrus-sasl
Subject: Re: limit auth to IP
From: Andreas Winkelmann <ml () awinkelmann ! de>
Date: 2006-10-14 20:55:35
Message-ID: 200610142255.35907.ml () awinkelmann ! de
[Download RAW message or body]
Am Wednesday 11 October 2006 13:51 schrieb Martin G.H. Minkler:
> Is it possible to make a decision whether to offer authentication to a
> user based on the querying source IP address?
>
> One of the customers is picking up all mail for ~70 users with an
> exchange server and plain text POP3 while using criminally simple
> passwords, so we would like to limit the logins for just those accounts
> to the IP address of that exchange server.
>
> Of course this cannot happen on a firewall level as other customers have
> to be able to log in from any arbitrary source IP and OTOH iptables
> can't look into the packets to parse the username :-)
Create two imapd/pop3d's with diffrent Configurations on two IP-Addresses or
other Ports. And here comes iptables in the game. You can create
iptables-Rules, where you redirect access from the IPs to these Ports. Or
just let the Customers use these Ports and block other Traffic.
--
Andreas
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic