[Dovecot] Listening only on localhost
Hi!
I've got dovecot 1.0.rc15.
I want dovecot to listen only on localhost for imap, and on any interfaces for imaps. So I put the following into my config:
protocol imap { listen = 127.0.0.1:143 ssl_listen = *:10993 .. }
dovecot -n correctly reports: listen: 127.0.0.1:143 ssl_listen: *:10993
But I can still do a 'telnet MY_HOST 143' from the outside, and 'netstat -pltn | grep dovecot' reports: [ip changed ;)] tcp 0 0 77.my.ip.253:10993 0.0.0.0:* LISTEN 4847/dovecot tcp 0 0 77.my.ip.253:143 0.0.0.0:* LISTEN 4847/dovecot
Am I doing something wrong? Or is there a bug?
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS. Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
On Mon, 2007-10-29 at 21:54 +0100, tobias-mail@gmx.net wrote:
I've got dovecot 1.0.rc15. .. dovecot -n correctly reports: listen: 127.0.0.1:143 ssl_listen: *:10993
But I can still do a 'telnet MY_HOST 143' from the outside, and 'netstat -pltn | grep dovecot' reports: [ip changed ;)] tcp 0 0 77.my.ip.253:10993 0.0.0.0:* LISTEN 4847/dovecot tcp 0 0 77.my.ip.253:143 0.0.0.0:* LISTEN 4847/dovecot
Am I doing something wrong? Or is there a bug?
Could be a bug. Works fine in v1.0.7.
On Fri, 2 Nov 2007, Timo Sirainen wrote:
On Mon, 2007-10-29 at 21:54 +0100, tobias-mail@gmx.net wrote:
I've got dovecot 1.0.rc15. .. dovecot -n correctly reports: listen: 127.0.0.1:143 ssl_listen: *:10993
But I can still do a 'telnet MY_HOST 143' from the outside, and 'netstat -pltn | grep dovecot' reports: [ip changed ;)] tcp 0 0 77.my.ip.253:10993 0.0.0.0:* LISTEN 4847/dovecot tcp 0 0 77.my.ip.253:143 0.0.0.0:* LISTEN 4847/dovecot
Am I doing something wrong? Or is there a bug?
Could be a bug. Works fine in v1.0.7.
I had a similar problem at some point. I fixed it by removing an idiotic alias in my /etc/hosts file. Some dingbat had aliased the server's FQDN to localhost. Maybe it's the other way 'round in your case.
Not optimistic, just the first thing that sprang to mind. (Pessimistic because I'd expect aliasing localhost to something other than 127.0.0.1 would break a lot more than just dovecot.)
Best, Ben
participants (3)
-
Benjamin R. Haskell
-
Timo Sirainen
-
tobias-mail@gmx.net