[Dovecot] Limit access to dovecot by domains?
Alan Brown
ajb2 at mssl.ucl.ac.uk
Mon Oct 18 16:54:59 EEST 2010
> Date: Fri, 15 Oct 2010 15:09:57 +1100
> From: Jobst Schmalenbach <jobst at barrett.com.au>
> Subject: Re: [Dovecot] Limit access to dovecot by domains?
> To: Timo Sirainen <tss at iki.fi>
> Cc: dovecot at dovecot.org
> Message-ID: <20101015040957.GA3232 at senna.barrett.com.au>
> Content-Type: text/plain; charset=us-ascii
>
> On Thu, Oct 14, 2010 at 03:31:23PM +0100, Timo Sirainen (tss at iki.fi)
wrote:
> > > On Wed, 2010-10-13 at 18:08 +1100, Jobst Schmalenbach wrote:
> > >
> >> > > Maybe I could include a script that would check the reverse
DNS record
> >> > > of a connected IP and then I could filter?????
> > >
> > > Wonder if tcpwrappers would work? You could use that with Dovecot
v2.0.
>
> I have read a few things about this, it looks like its not so good to
do it this way,
> besides having proper written daemons running from (x)inted is a
system overhead.
Huh? What are you talking about?
If dovecot has tcpwrapper support and is compiled -DTCPWRAP then it can
run as a standalone daemon and will consult the hosts.allow/deny files,
no need for inetd of any type. man 3 hosts_access
man 5 hosts_access for details on tuning. Tcpwrapper tuning is far more
powerful than people realise.
More information about the dovecot
mailing list