Scalix Forums

Hello,

Is there a way to disable IMAP access for a specific user account?

Thanks,

Eric

Hi!

Is there a way to disable IMAP access for a specific user account?

If you refer to SWA access, you can disable SWA for a user, by logging in SAC and
modifying view the user properties and remove the check next to option "User can use SWA". This would stop that user from using SWA for mail.

Thanks,
Subir

I'm fine with users using the SWA to check their mail but I want to block IMAP (port 143) for specific users using Outlook or ThunderBird.

Thanks,

Eric

Hi Eric,

If you make the user class to be limited, he/she would be able to access SWA but would not be able to use Outlook. See the man pages for ommodu with --class option.

Thanks,
Subir

If I set the user to limited, he/she will not have access to the Scalix server using the "Scalix Outlook Connector". But he/she will still be able to connect to Scalix server using IMAP. I just want to give them POP access.

Thanks,

Eric

Hi Eric!

I don't think there is a way to block a single user from connecting to IMAP.

Thanks,
Subir

Well, there is, but it's not pretty at the moment.

You can use pam_listfile to block a user, but you'll also need om_om2authid to get a PAM_USER name that's useful for putting in a pam_listfile command.

Basically you want to add "auth required om_om2authid" and "auth required pam_listfile ..." lines to ~/sys/pam.d/ual.remote and you can use that to block access for specified users.
Of course, that will also stop them coming in through MAPI, but that's probably what you want.

We really ought to have a separate PAM file for IMAP, but it's not practicable to do that until I've finished re-factoring the PAM stuff and brought it screaming and kicking into the 21st century.

jch

is there any way for the user to tell whether their IMAP access has been disabled?