Cyrus and TCP Wrapper info needed.

[Mark London]

Hm, I thought I tested it and I thought it wasn't working, but maybe it was
because I had some junk in hosts.* that I didn't need.  I removed them, and it
works just as you advertise.  Thanks a lot!

Also, thanks to the person who sent me the iptables script.  I may use that at
a later date.

> If you are running Cyrus 2.x and compiled with TCP_wrappers support you
> just need to put entries in /etc/hosts.[allow|deny] and cyrus will do
> the rest.. In Cyrus 2.x xinetd/inetd aren't used to launch cyrus
> binaries. It sounds like you're using a linux box.. If you're using
> redhat tcp_wrappers are already compiled into xinetd. Here is an example
> hosts.allow
> 
> imaps: ALL
> imap: ALL
> sieve: webserver.domain.com
> lmtp: 10.10.10.0/26
> 
> 
> Do a man hosts.allow for more information on wrappers.
> 
> 
> Mark London wrote:
> > 
> > Hi - A couple of weeks ago people suggested that I could use TCP Wrapper to
> > restrict access to the IMAP port.   I'm confused, because I'm running xinetd,
> > which normally does not use libwrap, and instructions on using the TCP Wrapper
> > all talk about using inetd.   I see mention that xinetd can be compiled with
> > libwrap support, but I want to avoid doing that if I can.  And I assume I need
> > to either configure xinetd or inetd to get TCP Wrapper to work, or am I wrong?
> > I.e. I just can't compile cyrus with libwrap (which I've done) and set up
> > entries I hosts.allow and hosts.deny, right?
> > 
> > Some people suggested I use iptables to restrict access to the IMAP port.
> > While this might be the "simpler" approach, the documentation on iptables all
> > seems to include examples on how to set up a firewall.  I can't find an
> > example of just what I want to do, and since it looks like it would take days
> > to read the documentation on iptables, the TCP Wrapper option seems simpler.
> > Thanks. -   Mark