[Dovecot] Dovecot configuration and question about IP trusted

Mik J mikydevel at yahoo.fr
Sat Oct 6 11:44:53 EEST 2012 

> De : Bob Miller <bob at computerisms.ca>

> 
> Hi,
>>  I'm trying to tighten the security a little bit and added in dovecot.conf
> 
>>  login_trusted_networks = 192.168.1.0/30
>>  Then restarted Dovecot
>> 
>> 
>>  My client has the IP 192.168.1.20 and it's still able to retrieve 
> emails. I expected it to be forbidden. Am I missing something ?
> 
> My interpretation of the documentation indicates that the trusted
> network setting causes certain authentication and security checks to be
> bypassed if a computer is in the trusted network, and to not bypass
> those authentication and security checks if the computer is not in the
> trusted range.  I see nothing indicating this setting will "forbid"
> anything...
> 
>>  I feel that Dovecot is slow. I'm doing my test with my iphone as an 
> imap client.
>>  Test 1: I retrieve a mail on a remote server provided by a hosting company, 
> it takes 2 seconds
>>  Test 2: I retrieve a mail on my server which is on my LAN, the mail 
> includes a few letters in the subject and a few letters in the body. The action 
> takes about 8 seconds.
>>  It's quite subtule to measure so first I would like to know if Dovecot 
> tries to do a dns reverse lookup or something like that. And it would explain 
> the overhead.
> 
> I don't know about the reverse lookup, but this sounds like a caching
> issue to me.  http://wiki2.dovecot.org/IndexFiles


Hello Bob,

Thank you for this clarification about the parameter  login_trusted_networks.

Regarding the indexfiles, I've read the page but I don't see at any moment, how to enable or disable the indexes.

Also how do you understand this sentence
"# Don't use mmap() at all. This is required if you store indexes to shared
# filesystems (NFS or clustered filesystem) or for some operating systems
# which use a separate cache for mmap, such as OpenBSD.
mmap_disable = yes"
I've read it 10 times, and I don't know if this should be set to yes or no (probably because my english is not perfect).
My operating system is OpenBSD and I don't share NFS or cluster filesystems.

Thank you

More information about the dovecot mailing list