Cyrus and TCP Wrapper info needed.

Paul M Fleming pfleming at siumed.edu
Tue Jun 17 11:10:04 EDT 2003


If you are running Cyrus 2.x and compiled with TCP_wrappers support you
just need to put entries in /etc/hosts.[allow|deny] and cyrus will do
the rest.. In Cyrus 2.x xinetd/inetd aren't used to launch cyrus
binaries. It sounds like you're using a linux box.. If you're using
redhat tcp_wrappers are already compiled into xinetd. Here is an example
hosts.allow

imaps: ALL
imap: ALL
sieve: webserver.domain.com
lmtp: 10.10.10.0/26


Do a man hosts.allow for more information on wrappers.


Mark London wrote:
> 
> Hi - A couple of weeks ago people suggested that I could use TCP Wrapper to
> restrict access to the IMAP port.   I'm confused, because I'm running xinetd,
> which normally does not use libwrap, and instructions on using the TCP Wrapper
> all talk about using inetd.   I see mention that xinetd can be compiled with
> libwrap support, but I want to avoid doing that if I can.  And I assume I need
> to either configure xinetd or inetd to get TCP Wrapper to work, or am I wrong?
> I.e. I just can't compile cyrus with libwrap (which I've done) and set up
> entries I hosts.allow and hosts.deny, right?
> 
> Some people suggested I use iptables to restrict access to the IMAP port.
> While this might be the "simpler" approach, the documentation on iptables all
> seems to include examples on how to set up a firewall.  I can't find an
> example of just what I want to do, and since it looks like it would take days
> to read the documentation on iptables, the TCP Wrapper option seems simpler.
> Thanks. -   Mark




More information about the Info-cyrus mailing list