Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] POP3S using qpopper and sslwrapper
On Thu, Jan 17, 2002 at 09:41:24PM +0100, Evert Smit wrote:
> Thanks for the input, it fixed my problem :)
> you wouldn't know by cance how to tell
> imap only to accept traffic from localhost?
i don't see why you want to restrict encrypted traffic to localhost, since
why do you use imap at all then?
> tried the entry in the hosts.deny and hosts.allow but no reaction..
well, it should react. order and spelling is very important, though.
but then, maybe you are right and the binary isn't linked against the
wrapper lib, and according to the docs you should not use tcpwrapper
tcpd.
I did the latter just now anyways, and it worked; and i could
disable/enable in /etc/hosts.deny with
ipop3d: ALL EXCEPT localhost

so you may use tcpd against the docs, and hope it works on the long
term, too; maybe they fixed it and forgot to change the docs accordingly.
pop3s stream tcp nowait.100 root /usr/sbin/tcpd /usr/sbin/ipop3d

and you can preceed the line in /etc/inetd.conf with the ip(s) to listen on.
it can be a comma separated list.
like
127.0.0.1,10.20.30.40:pop3s stream tcp nowait.100 root /usr/sbin/ipop3d ipop3d

works for most services, i don't know since which version of inetd

or do both...

"daf├╝r nich"
lars

< Previous Next >
References