I finally started looking into how to use libwrap, and even got the code working: http://dovecot.org/patches/1.0/tcp-wrappers.patch However once everything was done, I realized it can't work that way because login processes are normally chrooted. So if you want TCP wrappers and don't care that much about the security given by chrooting, you could disable it and use the above patch. Alternatively you could just make sure that the hosts.allow/deny files are always copied inside the chroot. I think I'll just forget about TCP wrappers for now, and implement it in Dovecot 2.0 as some separate non-chrooted process. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 191 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20060409/230118c2/attachment.bin>