[Dovecot] Limit access to dovecot by domains?

Alan Brown ajb2 at mssl.ucl.ac.uk
Mon Oct 18 16:54:59 EEST 2010


 > Date: Fri, 15 Oct 2010 15:09:57 +1100
 > From: Jobst Schmalenbach <jobst at barrett.com.au>
 > Subject: Re: [Dovecot] Limit access to dovecot by domains?
 > To: Timo Sirainen <tss at iki.fi>
 > Cc: dovecot at dovecot.org
 > Message-ID: <20101015040957.GA3232 at senna.barrett.com.au>
 > Content-Type: text/plain; charset=us-ascii
 >
 > On Thu, Oct 14, 2010 at 03:31:23PM +0100, Timo Sirainen (tss at iki.fi) 
wrote:
 > > > On Wed, 2010-10-13 at 18:08 +1100, Jobst Schmalenbach wrote:
 > > >
 > >> > > Maybe I could include a script that would check the reverse 
DNS record
 > >> > > of a connected IP and then I could filter?????
 > > >
 > > > Wonder if tcpwrappers would work? You could use that with Dovecot 
v2.0.
 >
 > I have read a few things about this, it looks like its not so good to 
do it this way,
 > besides having proper written daemons running from (x)inted is a 
system overhead.

Huh? What are you talking about?

If dovecot has tcpwrapper support and is compiled -DTCPWRAP then it can 
run as a standalone daemon and will consult the hosts.allow/deny files, 
no need for inetd of any type. man 3 hosts_access

man 5 hosts_access for details on tuning. Tcpwrapper tuning is far more 
powerful than people realise.






More information about the dovecot mailing list