Disable IMAP for a specific user

[ericblanchette]

Hello,

Is there a way to disable IMAP access for a specific user account?

Thanks,

Eric

[ScalixSupport]

Hi!

Is there a way to disable IMAP access for a specific user account?

If you refer to SWA access, you can disable SWA for a user, by logging in SAC and
modifying view the user properties and remove the check next to option "User can use SWA". This would stop that user from using SWA for mail.

Thanks,
Subir

[ericblanchette]

I'm fine with users using the SWA to check their mail but I want to block IMAP (port 143) for specific users using Outlook or ThunderBird.

Thanks,

Eric

[ScalixSupport]

Hi Eric,

If you make the user class to be limited, he/she would be able to access SWA but would not be able to use Outlook. See the man pages for ommodu with --class option.

Thanks,
Subir

[ericblanchette]

If I set the user to limited, he/she will not have access to the Scalix server using the "Scalix Outlook Connector". But he/she will still be able to connect to Scalix server using IMAP. I just want to give them POP access.

Thanks,

Eric

[ScalixSupport]

Hi Eric!

I don't think there is a way to block a single user from connecting to IMAP.

Thanks,
Subir

[jch]

Well, there is, but it's not pretty at the moment.

You can use pam_listfile to block a user, but you'll also need om_om2authid to get a PAM_USER name that's useful for putting in a pam_listfile command.

Basically you want to add "auth required om_om2authid" and "auth required pam_listfile ..." lines to ~/sys/pam.d/ual.remote and you can use that to block access for specified users.
Of course, that will also stop them coming in through MAPI, but that's probably what you want.

We really ought to have a separate PAM file for IMAP, but it's not practicable to do that until I've finished re-factoring the PAM stuff and brought it screaming and kicking into the 21st century.

jch

[cinnamngrl]

is there any way for the user to tell whether their IMAP access has been disabled?