Re: [Exim] blocking addresses for smtpauth via acls

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Wakko Warner
Date:  
À: jvanasco
CC: exim-users
Sujet: Re: [Exim] blocking addresses for smtpauth via acls
> LDAP
>
> and i could have an smtp pass / imap pass, have some bit set for
> sending privs, look for certain trees
>
> but there are 10people here. actually, 5 now.
>
> i have better use for my time.


I see. You could do something like this in the server_condition:
${lookup{$1}lsearch{/some/file}{no}{${if eq{<ldap lookup>}{$2} {yes}{no}}}}

Not tested, but maybe it'll give you an idea.
basically: if found in /some/file, return no.
if not found, do an ldap lookup and compare passwords.
NOTE: the above has a hole in it. bad user/no pass will authenticate.
modify to your liking.

Where I work, I maintain about 200 email address in a mysql db. I tweek as
needed (not often though)

> >> some people were recently let go, and i need to turn off their email
> >> accounts
> >>
> >> right now, imap and smtp passwords are centralized - which would make
> >> turning things off very simple...
> >>
> >> except that I want to disable SMTP only right now, and allow IMAP
> >> access for a few weeks
> >>
> >> the easiest way - for me - i can think of this, is to have an file of
> >> emailaddresses, and read it as an addresslist -- then block that in
> >> the
> >> acl
> >>
> >> maybe at the beginning of acl_check_auth have:
> >>
> >>     acl_check_auth:
> >>         deny  message = 'SMTP access disabled'
> >>             senders = lsearch;/path/to/file

> >>
> >> does that make any sense?
> >
> > Are your users in sql? I've considered doing something like this. If
> > you
> > have users in SQL you may want to redesign the table to add enabled
> > for smtp
> > and imap.
> >
> > --
> > Lab tests show that use of micro$oft causes cancer in lab animals
> >
>

--
Lab tests show that use of micro$oft causes cancer in lab animals