View Single Post
  #6  
Old 5th March 2009, 18:22
ophthal ophthal is offline
Junior Member
 
Join Date: Mar 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Roundcube webmail linked to ISPconfig. Roundcube login depends on IMAP. With IMAP disabled through ISPconfig, the user authenticates OK but then the session disconnects.

telnet mymail.com 143
Trying 10.10.10.10...
Connected to mymail.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
. login user1@mymail.com XXXXXX
. OK LOGIN Ok.
* BYE IMAP access disabled for this account.
Connection closed by foreign host.

User is in though and can send e-mail. If disableimap stopped OK login, then user would not authenticate. Does this makes sense?
Something like the following in postfix/main.cf would block sending mail I think:

smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access mysql:/etc/postfix/mysql-virtual_sender_ban.cf

where mysql:/etc/postfix/mysql-virtual_sender.cf blocks blacklisted spamfilters from ISPconfig and
/etc/postfix/mysql-virtual_sender_ban.cf contains:

user = XXXXX
password = XXXXX
dbname = dbispconfig
table = mail_user
select_field = email
where_field = email
additional_conditions = and (postfix ='n' OR disableimap ='1')
hosts = 127.0.0.1

Should this block an ISPconfig user from sending? Does it makes sense?

I will investigate Roundcube and try to find out why the user is allowed access but from a pure ISPconfig point, is there a way to shut them out so setting postfix ='n' or disableimap='1' results in:

telnet mymail.com 143
Trying 10.10.10.10...
Connected to mymail.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
. login user1@mymail.com XXXXXX
. NO Login failed.
* BYE IMAP access disabled for this account.
Connection closed by foreign host.

Thanks again for your patience and for not jumping all over me for my ignorance. I have found these forums very useful and appreciate your willingness to help us, the dimmer bulbs in the chandelier.

Ray
Reply With Quote