[Dovecot] Listen on several (but not all) Interfaces
Hi, I'm using Dovecot 1.0rc15 from Debian stable/etch.
I'd like to have Dovecot listen on more than one interface. It shall listen on one IPv4 Interface and on one IPv6 Interface. The comments in the sample configuration file say, that it's not possible to listen on more than one interface at a time. Sadly it's no option to me to listen on all interfaces.
So I'd like to ask if there is a chance that Dovecot will support listening on several selected interfaces anytime soon?
Thanks in advance for every helpful reply.
Best Regards Dominik
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 6/7/07 4:27 PM, Dominik Schulz wrote:
Hi, I'm using Dovecot 1.0rc15 from Debian stable/etch.
I'd like to have Dovecot listen on more than one interface. It shall listen on one IPv4 Interface and on one IPv6 Interface. The comments in the sample configuration file say, that it's not possible to listen on more than one interface at a time. Sadly it's no option to me to listen on all interfaces.
So I'd like to ask if there is a chance that Dovecot will support listening on several selected interfaces anytime soon?
Thanks in advance for every helpful reply.
Best Regards Dominik
Dominik,
I've never done it personally, but I've seen mention of it on the list previously. You should be able to run 2 separate instances of dovecot each configured to listen to one interface individually.
alan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGZ7RpE2gsBSKjZHQRAlFkAJ0f/1Ugb8SPYa6wxteZny0zFxhG/gCeOjl9 SFLYb1Lxna0+6JKun2EjpsI= =a8FO -----END PGP SIGNATURE-----
Hi Dominik,
check out this one: http://wiki.dovecot.org/Iptables
I think you might as well use ssh tunneling from interface2 to interface1.
Greets, Moritz
Dominik Schulz schrieb:
Hi, I'm using Dovecot 1.0rc15 from Debian stable/etch.
I'd like to have Dovecot listen on more than one interface. It shall listen on one IPv4 Interface and on one IPv6 Interface. The comments in the sample configuration file say, that it's not possible to listen on more than one interface at a time. Sadly it's no option to me to listen on all interfaces.
So I'd like to ask if there is a chance that Dovecot will support listening on several selected interfaces anytime soon?
Thanks in advance for every helpful reply.
Best Regards Dominik
Hi, Dominik.
"Dominik" == Dominik Schulz <lkml@ds.gauner.org> writes:
Dominik> I'd like to have Dovecot listen on more than one interface. It shall Dominik> listen on one IPv4 Interface and on one IPv6 Interface.
Fe months ago, I made the unofficial trivial patch and posted for similar purpose, but interested noone.
Sorry, my patch may be applied dovecot-1.0-rc27 and dovecot-1.0.0. I don't know how dovecot-1.0-rc15 (debian version). Though, usually I use debian environment. I applied it to dovecot-1.0.0 debian official source and re-built local package.
Feature:
`listen' directive in dovecot.conf can be allowed multi IP. ex.
listen 127.0.0.1, 192.168.0.1
-- Kawabe,Yoshihiro <sowhat@amnis.co.jp> As the stars blink in the night sky, our married hearts are never splitted. Even if we will unclasp each other hands, until we retain that. by H.S.
Dominik Schulz wrote:
Hi, I'm using Dovecot 1.0rc15 from Debian stable/etch.
I'd like to have Dovecot listen on more than one interface. It shall listen on one IPv4 Interface and on one IPv6 Interface. The comments in the sample configuration file say, that it's not possible to listen on more than one interface at a time. Sadly it's no option to me to listen on all interfaces.
So I'd like to ask if there is a chance that Dovecot will support listening on several selected interfaces anytime soon?
The BDS socket bind() only allows one address to be specified (0 meaning all IPs on the system). In short, a program that wants to listen on few IPs but not all needs to open multiple sockets, and manage them. This adds some complexity because the program needs to know when it should read/write from each socket. This is easier in short request protocols like HTTP. it is not efficient in connected protocols.
The "common" practice in your case is to run multiple instances of the same program. This requires adding startup scripts and config files for each instance, but this is a one shot task. and an advantage of this is that you can chose completely different config parameters for each instance (including a "nice" level).
if your goal is to block access to few IPs, then consider doing this at a firewall level instead. if you have a NAT implementation on the system, you can even configure dovecot to listen on 127.0.0.1 and use your NAT to redirect whatever IPs to dovecot.
participants (5)
-
alan premselaar
-
Dominik Schulz
-
Moritz Mertinkat
-
mouss
-
Yoshihiro Kawabe