Hm, I thought I tested it and I thought it wasn't working, but maybe it was because I had some junk in hosts.* that I didn't need. I removed them, and it works just as you advertise. Thanks a lot!
Also, thanks to the person who sent me the iptables script. I may use that at a later date. > If you are running Cyrus 2.x and compiled with TCP_wrappers support you > just need to put entries in /etc/hosts.[allow|deny] and cyrus will do > the rest.. In Cyrus 2.x xinetd/inetd aren't used to launch cyrus > binaries. It sounds like you're using a linux box.. If you're using > redhat tcp_wrappers are already compiled into xinetd. Here is an example > hosts.allow > > imaps: ALL > imap: ALL > sieve: webserver.domain.com > lmtp: 10.10.10.0/26 > > > Do a man hosts.allow for more information on wrappers. > > > Mark London wrote: > > > > Hi - A couple of weeks ago people suggested that I could use TCP Wrapper to > > restrict access to the IMAP port. I'm confused, because I'm running xinetd, > > which normally does not use libwrap, and instructions on using the TCP Wrapper > > all talk about using inetd. I see mention that xinetd can be compiled with > > libwrap support, but I want to avoid doing that if I can. And I assume I need > > to either configure xinetd or inetd to get TCP Wrapper to work, or am I wrong? > > I.e. I just can't compile cyrus with libwrap (which I've done) and set up > > entries I hosts.allow and hosts.deny, right? > > > > Some people suggested I use iptables to restrict access to the IMAP port. > > While this might be the "simpler" approach, the documentation on iptables all > > seems to include examples on how to set up a firewall. I can't find an > > example of just what I want to do, and since it looks like it would take days > > to read the documentation on iptables, the TCP Wrapper option seems simpler. > > Thanks. - Mark
