Date: Thu, 21 Apr 2005 08:40:35 +0300 From: Odhiambo Washington <wash@wananchi.com> To: freebsd-isp@freebsd.org Subject: Re: courier-imap Message-ID: <20050421054035.GA82393@ns2.wananchi.com> In-Reply-To: <4266C4BA.1010205@diewebmaster.at> References: <20050420145207.GC60384@ns2.wananchi.com> <4266C4BA.1010205@diewebmaster.at>
next in thread | previous in thread | raw e-mail | index | archive | help
* Christian Damm <christian.damm@diewebmaster.at> [20050421 00:08]: wrote: > > > Odhiambo Washington schrieb: > >Hello Sysadmins, > > > >Does anyone have any clues as to how I can easily limit access to my > >imapd daemon to just a few hosts? > >I am running courier-imap but looking at /etc/inetd.conf, I don't > >see how I could put it in there and hence use hosts.allow to control > >access. Google has not helped much, but again I may be searching using > >wrong keyword. > > 1.) you can use the courier-suites own tcp server (quite similar to the > DJB tcp server), 'couriertcpd' - look into the manpage, it is able to do > ip restrictions and much more. This assumes that I use courier as the MTA, yes? In my case I only use the IMAP daemon. I use other MTA. > 2.) dont know if it is possible to compile courier imap aginst libwrap > and use the tcp wrapper (hosts.allow). Perhaps this one might be better. I will look into this. > 3.) i would not start courier imap via inetd/xinetd - courier imap was > developed to be a stanalone imap daemon running within the > courier-suite/framework...sure, you could use tcp wrapper without probs > when using inetd/xinetd but there are better solutions than using one of > the "super servers" *urghh*. I learnt that as well just yesterday! I had forgotten it's supposed to be a standalone server. > 4.) use the packet filter on your border router/gateway/firewall or > firewall the host directly via ipfw/ipf/pf to restrict access. I will start with this, since it's the easiest. -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <wash@wananchi.com> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Make it myself? But I'm a physical organic chemist!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050421054035.GA82393>