Cyrus and TCP Wrapper info needed.
mrl at PSFC.MIT.EDU
Tue Jun 17 14:25:27 EDT 2003
Hm, I thought I tested it and I thought it wasn't working, but maybe it was
because I had some junk in hosts.* that I didn't need. I removed them, and it
works just as you advertise. Thanks a lot!
Also, thanks to the person who sent me the iptables script. I may use that at
a later date.
> If you are running Cyrus 2.x and compiled with TCP_wrappers support you
> just need to put entries in /etc/hosts.[allow|deny] and cyrus will do
> the rest.. In Cyrus 2.x xinetd/inetd aren't used to launch cyrus
> binaries. It sounds like you're using a linux box.. If you're using
> redhat tcp_wrappers are already compiled into xinetd. Here is an example
> imaps: ALL
> imap: ALL
> sieve: webserver.domain.com
> lmtp: 10.10.10.0/26
> Do a man hosts.allow for more information on wrappers.
> Mark London wrote:
> > Hi - A couple of weeks ago people suggested that I could use TCP Wrapper to
> > restrict access to the IMAP port. I'm confused, because I'm running xinetd,
> > which normally does not use libwrap, and instructions on using the TCP Wrapper
> > all talk about using inetd. I see mention that xinetd can be compiled with
> > libwrap support, but I want to avoid doing that if I can. And I assume I need
> > to either configure xinetd or inetd to get TCP Wrapper to work, or am I wrong?
> > I.e. I just can't compile cyrus with libwrap (which I've done) and set up
> > entries I hosts.allow and hosts.deny, right?
> > Some people suggested I use iptables to restrict access to the IMAP port.
> > While this might be the "simpler" approach, the documentation on iptables all
> > seems to include examples on how to set up a firewall. I can't find an
> > example of just what I want to do, and since it looks like it would take days
> > to read the documentation on iptables, the TCP Wrapper option seems simpler.
> > Thanks. - Mark
More information about the Info-cyrus