[Dovecot] Dovecot 2.1.7-7 only allow localhost access to IMAP and POP3
Recently I have upgraded my server to Debian 7. Debian have now removed uw-imapd and suggest using dovecot instead. Debian include dovecot version 2.1.7-7.
On http://www.debian-administration.org/articles/275 and http://www.debian-administration.org/articles/200 I can read how to setup older version of dovecot with SquirrelMail.
They recommend to use uncrypted IMAP when SquirrelMail is on same server.
What I would like to support is then imap, imaps, pop3 and pop3s.
imaps and pop3s for external users.
imap and pop3 only open for localhost, that is SquirrelMail on same machine.
With dovecot 1 you could restrict access using "imap_listen = localhost"
How do I make the same restriction with localhost on dovecot 2 ???
Brgds Torben
Am 29.05.2013 12:41, schrieb Torben Schou Jensen:
I can read how to setup older version of dovecot with SquirrelMail.
They recommend to use uncrypted IMAP when SquirrelMail is on same server.
What I would like to support is then imap, imaps, pop3 and pop3s.
imaps and pop3s for external users. imap and pop3 only open for localhost, that is SquirrelMail on same machine.
With dovecot 1 you could restrict access using "imap_listen = localhost"
How do I make the same restriction with localhost on dovecot 2 ???
if it listens only on localhost how should "imaps and pop3s for external users" work and additionally these days STARTTLS is recommended which works on the default ports 110/143
why do you not simply *offer* encryption *or* use webmail also with encryption?
On 05/29/2013 01:13 PM, Reindl Harald wrote:
Am 29.05.2013 12:41, schrieb Torben Schou Jensen:
I can read how to setup older version of dovecot with SquirrelMail.
They recommend to use uncrypted IMAP when SquirrelMail is on same server.
What I would like to support is then imap, imaps, pop3 and pop3s.
imaps and pop3s for external users. imap and pop3 only open for localhost, that is SquirrelMail on same machine.
With dovecot 1 you could restrict access using "imap_listen = localhost"
How do I make the same restriction with localhost on dovecot 2 ???
if it listens only on localhost how should "imaps and pop3s for external users" work and additionally these days STARTTLS is recommended which works on the default ports 110/143
why do you not simply *offer* encryption *or* use webmail also with encryption?
You should use imap with starttls (disable_plaintext_auth=yes) for the imap service, then use login_trusted_networks=<127.0.0.1/8 to allow webmail logins from localhost without ssl. Webmail doesn't use pop3, so no changes there.
If you insist on using imaps and/or pop3s, then these can live alongside the above without problems.
-- Tom
participants (3)
-
Reindl Harald
-
Tom Hendrikx
-
Torben Schou Jensen