From owner-freebsd-isp@FreeBSD.ORG Thu Apr 21 08:50:50 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9DFF816A4CE for ; Thu, 21 Apr 2005 08:50:50 +0000 (GMT) Received: from materva.diewebmaster.at (materva.diewebmaster.at [80.66.42.216]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC93943D4C for ; Thu, 21 Apr 2005 08:50:49 +0000 (GMT) (envelope-from christian.damm@diewebmaster.at) Received: from localhost (localhost.diewebmaster.at [127.0.0.1]) by materva.diewebmaster.at (Postfix) with ESMTP id BB58C2180E1; Thu, 21 Apr 2005 10:50:48 +0200 (CEST) Received: from materva.diewebmaster.at ([127.0.0.1]) by localhost (materva.diewebmaster.at [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 00762-06; Thu, 21 Apr 2005 10:50:48 +0200 (CEST) Received: from [192.168.1.14] (da.diewebmaster.at [192.168.1.14]) by materva.diewebmaster.at (Postfix) with ESMTP id 18B942180E0; Thu, 21 Apr 2005 10:50:48 +0200 (CEST) Message-ID: <42676862.5040605@diewebmaster.at> Date: Thu, 21 Apr 2005 10:46:26 +0200 From: Christian Damm User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: de-DE, de, en-us, en MIME-Version: 1.0 To: Odhiambo Washington References: <20050420145207.GC60384@ns2.wananchi.com> <4266C4BA.1010205@diewebmaster.at> <20050421054035.GA82393@ns2.wananchi.com> In-Reply-To: <20050421054035.GA82393@ns2.wananchi.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Scanned: by amavisd-new at diewebmaster.at cc: freebsd-isp@freebsd.org Subject: Re: courier-imap X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Apr 2005 08:50:50 -0000 Odhiambo Washington schrieb: > * Christian Damm [20050421 00:08]: wrote: > >> >>Odhiambo Washington schrieb: >> >>>Hello Sysadmins, >>> >>>Does anyone have any clues as to how I can easily limit access to my >>>imapd daemon to just a few hosts? >>>I am running courier-imap but looking at /etc/inetd.conf, I don't >>>see how I could put it in there and hence use hosts.allow to control >>>access. Google has not helped much, but again I may be searching using >>>wrong keyword. >> >>1.) you can use the courier-suites own tcp server (quite similar to the >>DJB tcp server), 'couriertcpd' - look into the manpage, it is able to do >>ip restrictions and much more. > > > This assumes that I use courier as the MTA, yes? > > In my case I only use the IMAP daemon. I use other MTA. > no, if you look at your PS output you`ll see 'couriertcpd' running - regardless which part of the courier suite you are using ('couriertcpd' is the courier suites generic tcp server) > > >>2.) dont know if it is possible to compile courier imap aginst libwrap >>and use the tcp wrapper (hosts.allow). > > > > Perhaps this one might be better. I will look into this. > method 1 is the best in any case imho. > > >>3.) i would not start courier imap via inetd/xinetd - courier imap was >>developed to be a stanalone imap daemon running within the >>courier-suite/framework...sure, you could use tcp wrapper without probs >>when using inetd/xinetd but there are better solutions than using one of >>the "super servers" *urghh*. > > > I learnt that as well just yesterday! I had forgotten it's supposed to > be a standalone server. > ok > > > >>4.) use the packet filter on your border router/gateway/firewall or >>firewall the host directly via ipfw/ipf/pf to restrict access. > > > > I will start with this, since it's the easiest. > true > > > > -Wash > > http://www.netmeister.org/news/learn2quote.html > > -- > +======================================================================+ > |\ _,,,---,,_ | Odhiambo Washington > Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com > |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 > '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 > +======================================================================+ > Make it myself? But I'm a physical organic chemist! > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > !DSPAM:42673d00268302104424051! > -- mfg. christian damm technische leitung phone: dw 42 email: christian.damm@diewebmaster.at icq at work: 124464652 die webmaster - flötzerweg 156 - 4030 linz - austria phone: +43-732-381242, fax: +43-732-381242-22, isdn (leonardo): +43-732-381242-33 homepage: www.diewebmaster.at, public email: office@diewebmaster.at