listen to a dynamic interface

Raul Dias raul at
Mon Dec 12 17:46:52 EST 2005

let me explain better what I am trying to do.

I have 2 certificates for tls use.
One is for the internal network and the other for the Internet.

Cyrus let me do this by specifing <service>_tls_* config in
the /etc/imapd.conf and set separated services in the /etc/cyrus.conf.

The problem is that (AFAIK) the cyrus.conf file only let the format of
the "listen" option be either:
 listen="port" (in this case imap[s])
 listen="IP:port" (specific port)

The problem is that the Internet IP is dynamic and I will have to
changing it on every link up.

So far I can think into 2 solutions:
- A small perl script to be run on link up that corrects the ip address.
- make it run into another port and redirect the traffic with ip tables.

I am looking for a third way that only envolves cyrus (if that really

So, any ideas?

Raul Dias

On Mon, 2005-12-12 at 15:30 -0500, Bill Kearney wrote:
> You could always stop/start cyrus based on the ppp interface being live.
> That way it'd bind to whatever address is active and then only when the link
> is up.  I suppose you could leave it live all the time and just restart it
> when the ppp link state changes.
> It's not common to run a mail server behind a dynamic address, they
> generally benefit from being on stable, always-on, connections.  You *can*
> run them otherwise but it's usually not recommended.
> Other ideas like using a VPN come to mind but it depends on just how complex
> you need it to be.
> -Bill Kearney
> ----- Original Message ----- 
> > I want to set /etc/cyrus.conf to start another imap[s] proccess to
> > listen in a dynamic ip interface (ppp0).
> >
> > AFAIU, you have to specify the ip address of the interface in the
> > "listen" option.
> >
> > So, how would a ppp0 interface that has a dynamic ip that needs its own
> > proccess (that's because of the ssl certificate) be configured?
Raul Dias <raul at>

More information about the Info-cyrus mailing list