Security setting you can use to restrict remote web admin access Mask of valid IP addresses for admin users (default *), this is a
Syntax: g_admin_guesses int g_admin_ip - Admin IP access Once this has been reached the ip is banned. This sets the number of guesses allowed for the admin Syntax: g_admin_access_default string g_admin_guesses G_user_access_default "all,!users,!reports" The server, it is specified in the same maner as the g_admin_access settings 'access' This setting is a default access list for all domain admins on Syntax: g_admin_access group=string access=string g_admin_access_default -ĭefault features granted to domain admins The above setting gives admins in the 'simple' group access toĪll the features except the users and reports features. G_admin_access group="simple" access="all,!users,!reports" Which mean exactly what they say, access to "all" or "none" of the There are two other special case values, "all" and "none" In addition you can prefix any of the above with ! to denyĪccess. SmiteSpam and Aspam processing of messages.Īccess to domain users "Spam" pages' spamĪccess to the "Usage" button, which shows aĪccess to the "Redirect" page and settings.Īccess to the "Redirect CC" page and settings. The list may include any of the following: ValueĪccess to the "Bulletins" page and features.Īccess to domain users "Centipaid" page andĪccess to domain users "Email Notification"Īccess to domain users "Exceptions" page.Īccess to domain users "Friends" pages, andĪccess to domain users "Forwarding" features,Īccess to domain users "Mailbox" page, view Wildcard specified and applies the specified access list to thatĭomain admin, giving / restricting thier access to certainįeatures. This setting matches the g_access_group the admin is in to the G_admin_access group="wildcard" access="list" Syntax: g_acctlog_sum_inactive bool g_admin_access - Allow / Restrictĭomain admin access to features based on g_access_group Syntax: g_acctlog_noauth bool g_acctlog_sum_inactive - Summarise local accounts that have not logged in yet as setting has no further documentation currently available Syntax: g_acctlog_aliases bool g_acctlog_noauth - Log sending usage based on from which may be fake Syntax: g_access_webonly string g_acctlog_aliases - Log redirection & aliases in account usage too Syntax: g_access_surgeweb bool g_access_webonly - Users in this group can only use web not imap or pop Syntax: g_access_group_default string g_access_surgeweb - Apply g_access_group rules to surgeweb sessions based on client's address (mustīe used in conjunction with g_access_group) Syntax: g_access_group group=string access_pop=string access_imap=string access_smtp=string access_incoming=string g_access_group_default -Īccess group defaults for users with no access groups set. G_access_group group="nowebmail" access_pop="*,!webmail.ip"Īccess_imap="*,!webmail.ip" access_smtp="*"Īnd put the users you want to limit in a group called G_access_group group="normal" access_pop="*" access_imap=*" To prevent webmail access for some users you would do this:
With "Access type" set to "free_user" on accounts page orĮquivalently in nwauth authentication. G_access_group group=free_user access_pop=Īccess_imap= access_smtp= G_access_group group=paid_user access_pop=* access_imap=*
this could allow you to charge webmail users for pop access When a user is authenticated access isĬhecked against group membership defined in the "mailaccess" field Syntax: g_about_disable bool g_access_group - Access groupsĪccess rules defining groups of IP addresses with certain POP, This setting has no further documentation currently available
Will take ranges also like 10.0.1-120.5 and also support CIDRĪnd there is an online CIDR calculator here. Try and match on any 127.* or 10.* domains. Many settings will also accept a ! as a "not", and are processedįrom left to right. Note: Most 'matching' settings take wild card lists as
0 kommentar(er)
