courier-imap

Odhiambo Washington wash at wananchi.com
Wed Apr 20 22:40:39 PDT 2005 

* Christian Damm <christian.damm at diewebmaster.at> [20050421 00:08]: wrote:
> 
> 
> Odhiambo Washington schrieb:
> >Hello Sysadmins,
> >
> >Does anyone have any clues as to how I can easily limit access to my
> >imapd daemon to just a few hosts?
> >I am running courier-imap but looking at /etc/inetd.conf, I don't
> >see how I could put it in there and hence use hosts.allow to control
> >access. Google has not helped much, but again I may be searching using
> >wrong keyword.
> 
> 1.) you can use the courier-suites own tcp server (quite similar to the 
> DJB tcp server), 'couriertcpd' - look into the manpage, it is able to do 
> ip restrictions and much more.

This assumes that I use courier as the MTA, yes?

In my case I only use the IMAP daemon. I use other MTA.


> 2.) dont know if it is possible to compile courier imap aginst libwrap 
> and use the tcp wrapper (hosts.allow).


Perhaps this one might be better. I will look into this.


> 3.) i would not start courier imap via inetd/xinetd - courier imap was 
> developed to be a stanalone imap daemon running within the 
> courier-suite/framework...sure, you could use tcp wrapper without probs 
> when using inetd/xinetd but there are better solutions than using one of 
> the "super servers" *urghh*.

I learnt that as well just yesterday! I had forgotten it's supposed to
be a standalone server.



> 4.) use the packet filter on your border router/gateway/firewall or 
> firewall the host directly via ipfw/ipf/pf to restrict access.


I will start with this, since it's the easiest.




-Wash

http://www.netmeister.org/news/learn2quote.html

--
+======================================================================+
    |\      _,,,---,,_     | Odhiambo Washington    <wash at wananchi.com>
Zzz /,`.-'`'    -.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_)     | GSM: +254 722 743223   +254 733 744121
+======================================================================+
Make it myself?  But I'm a physical organic chemist!

More information about the freebsd-isp mailing list