Tcpwrapper does not work?

Dave McMurtrie dave64 at
Fri Oct 8 07:40:43 EDT 2010

On 10/08/2010 07:24 AM, Paul van der Vlis wrote:
> Dave McMurtrie schreef:
>> On 10/08/2010 06:09 AM, Paul van der Vlis wrote:
>>> Hello,
>>> When I put in my /etc/hosts.deny this: imapd:
>>> And /etc/hosts.allow is empty.
>>> Then I still get my mail over IMAP from this IP with Cyrus.
>>> I use Cyrus 2.2.13 from Debian stable, so far I know this is compiled
>>> with tcpwrapper support.
>>> Does somebody understand this?
>> Hi Paul,
>> The service you specify for tcpwrappers in /etc/hosts.deny must be the
>> same as the service name you put in /etc/cyrus.conf.  Most likely you
>> want to use "imap" as the service and not "imapd"
> I've tried it, and you are right (and so is Hajimu).
> Strange, in the manual of tcp-wrappers they say you need to use the
> processname...

It's difficult to document this correctly from the tcp-wrappers side 
because libwrap doesn't determine the service name itself.  Rather, 
applications that link against libwrap have to tell libwrap the service 
name they're using.

Wrapping a service with tcpd in inetd.conf was more intuitive because 
the service name was specified on the same line in inetd.conf.


Dave McMurtrie, SPE
Email Systems Team Leader
Carnegie Mellon University,
Computing Services

More information about the Info-cyrus mailing list