De : Bob Miller <bob@computerisms.ca>
Hi,
I'm trying to tighten the security a little bit and added in dovecot.conf
login_trusted_networks = 192.168.1.0/30 Then restarted Dovecot
My client has the IP 192.168.1.20 and it's still able to retrieve emails. I expected it to be forbidden. Am I missing something ?
My interpretation of the documentation indicates that the trusted network setting causes certain authentication and security checks to be bypassed if a computer is in the trusted network, and to not bypass those authentication and security checks if the computer is not in the trusted range. I see nothing indicating this setting will "forbid" anything...
I feel that Dovecot is slow. I'm doing my test with my iphone as an imap client. Test 1: I retrieve a mail on a remote server provided by a hosting company, it takes 2 seconds Test 2: I retrieve a mail on my server which is on my LAN, the mail includes a few letters in the subject and a few letters in the body. The action takes about 8 seconds. It's quite subtule to measure so first I would like to know if Dovecot tries to do a dns reverse lookup or something like that. And it would explain the overhead.
I don't know about the reverse lookup, but this sounds like a caching issue to me. http://wiki2.dovecot.org/IndexFiles
Hello Bob,
Thank you for this clarification about the parameter login_trusted_networks.
Regarding the indexfiles, I've read the page but I don't see at any moment, how to enable or disable the indexes.
Also how do you understand this sentence "# Don't use mmap() at all. This is required if you store indexes to shared # filesystems (NFS or clustered filesystem) or for some operating systems # which use a separate cache for mmap, such as OpenBSD. mmap_disable = yes" I've read it 10 times, and I don't know if this should be set to yes or no (probably because my english is not perfect). My operating system is OpenBSD and I don't share NFS or cluster filesystems.
Thank you