#54 Restrict users allowed to access server by ACL

v5.3.1
closed
nobody
None
5
2019-08-12
2010-11-08
Anonymous
No

I've looked around, but it doesn't appear as though there's any way of restricting which users can utilise DavMail. In my specific case, I've got DavMail running as a server, and pointed at my organisation's Exchange server, which is hosted on Exchange Online. Now, given the generic nature of the OWA address (red003.mail.apac.microsoftonline.com/owa), many other domains will be using this too, and given my server is public, I'd like to restrict which users DavMail allows through.

Restricting by IP subnet would work at the server's firewall level, but it's not feasible to whitelist every IP subnet my users would be using (as they travel a lot).

The ability to have some form of a regex'd ACL (for whitelisting/blacklisting) would be brilliant. In my case, I would whitelist specific users in my domain, and then blacklist everything else. Having the ability to use regex in said ACL would handle situations where multiple domains should be let through (e.g. I know we are soon to have a 2nd domain instated). So, potential rules might be something like my.email@*.domain.com (specific user) or *@domain.com (specific entire domain).

Thank you very much for this amazing piece of software. It is truly brilliant.

Discussion

  • Anonymous

    Anonymous - 2010-11-08
    • summary: Restrict users allowed to access server by whitelist --> Restrict users allowed to access server by ACL
     
  • Mickael Guessant

    Makes sense, would need some work though

     
  • George L. Yermulnik

    Great idea. I would request it too.

     
  • Mickael Guessant

    • Group: --> Roadmap
     
  • Mickael Guessant

    Still not implemented... but wouldn't be that hard, it's just a username filter.

     
  • Arnold Raynor

    Arnold Raynor - 2019-02-14

    I agree that a simple username filter would be a very useful feature for davmail servers on the internet.

    It would restrict undesired users without more complex methods such as VPNs or SSH tunnels. The point about travelling users and IP subnets has become more true with mobile devices that can't run davmail; a personal davmail server on the internet would be an ideal solution.

     
  • Mickael Guessant

    • status: open --> closed
    • Group: Backlog --> v5.3.1
     
  • Mickael Guessant

    Available in 5.3.1: a new davmail.userWhiteList setting to only allow limited users and/or domains, see https://github.com/mguessan/davmail/issues/47
    value is a comma separated list of emails or domains (user@company.com or @company.com)
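
Added example, not DavMail's own code: a Python sketch of how a gateway could evaluate a comma-separated allow list in the format described in the last comment (user@company.com or @company.com). The function names, case-insensitive comparison, exact domain matching and the "empty list means no restriction" behaviour are assumptions made for this illustration.

```python
# Added illustration; not DavMail source. Matching rules below are assumptions.

def parse_allow_list(value):
    """Split the setting into exact addresses and '@domain' entries."""
    users, domains = set(), set()
    for raw in (value or "").split(","):
        entry = raw.strip().lower()
        if not entry:
            continue
        # Reject wildcards and malformed entries instead of silently
        # storing a rule that can never match (or matches too much).
        if "*" in entry or entry.count("@") != 1 or entry.endswith("@"):
            raise ValueError(f"unsupported allow-list entry: {raw!r}")
        if entry.startswith("@"):
            domains.add(entry)
        else:
            users.add(entry)
    return users, domains


def is_allowed(username, users, domains):
    """Return True if this login name may authenticate through the gateway."""
    if not users and not domains:
        return True  # assumption: an empty setting means no restriction
    name = username.strip().lower()
    if name.count("@") != 1:
        return False  # DOMAIN\user or bare names cannot match the list
    if name in users:
        return True
    # Compare the whole domain part, including '@', so "@example.org"
    # does not admit "user@evilexample.org" through a suffix match.
    return name[name.index("@"):] in domains


if __name__ == "__main__":
    # Constructed sample setting and login names.
    users, domains = parse_allow_list("my.email@company.com, @example.org")
    for login in ("my.email@company.com", "other@company.com",
                  "anyone@example.org", "anyone@evilexample.org"):
        print(login, "->", "allow" if is_allowed(login, users, domains) else "deny")
```
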

     
