1

Topic: roundcube access without permission to connect via IMAP

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- Related log if you're reporting an issue:
====

A year ago when I set up the server using 0.8.7 I had a problem with customers accessing roundcubemail when they didn't have permission to use IMAP.  After a very long discussion on this forum I solved it by changing some code and the news was that the solution would be implemented in a future release.

It now seems like that problem is still there. Could you confirm this? Before I start changing code again?

TIA
Dominique

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: roundcube access without permission to connect via IMAP

Could you please explain the problem with more details? I don't understand what problem you had.

3

Re: roundcube access without permission to connect via IMAP

I also remember that user camel1cz kept coming up with other ideas/solutions that in my opinion could not work, so maybe you ended up not solving this as things got confusing.

4

Re: roundcube access without permission to connect via IMAP

When you disable IMAP access for a certain user it won't allow that user to access webmail as roundcube is using IMAP to connect to dovecot.

This is the thread I'm talking about:  http://www.iredmail.org/forum/topic5804 … -only.html

5 (edited by Dominique 2015-06-30 22:28:18)

Re: roundcube access without permission to connect via IMAP

I just verified the file I then changed and the problem is still there.

the query in /etc/dovecot/dovecot-mysql.conf still is

SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active=1   <<-- same problem
SELECT \
    '%u' AS master_user, \
    CONCAT(mailbox.storagebasedirectory, '/', mailbox.storagenode, '/', mailbox.maildir) AS home, \
    CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule \
FROM mailbox,domain \
WHERE mailbox.username='%u' \
    AND mailbox.domain='%d' \
    AND mailbox.`enable%Ls%Lc`=1 \             <<--- this prevents access to webmail when IMAP is disabled for a user
    AND mailbox.domain=domain.domain \
    AND domain.backupmx=0 \
    AND domain.active=1 \
    AND mailbox.active=1

I will change it again manually now, so I can continue with my tests.

6

Re: roundcube access without permission to connect via IMAP

Dominique wrote:

When you disable IMAP access for a certain user it won't allow that user to access webmail as roundcube is using IMAP to connect to dovecot.

This is not solved yet. Sorry.

7

Re: roundcube access without permission to connect via IMAP

Too bad you never solved this problem, not following my advice... but you kept listening to camel1z who kept giving you the wrong info so the problem never went anywhere.

I still consider this a serious bug so maybe it'd be nice if you looked into this again and ignore the wrong info!