similar to: LMTP ignoring tcpwrappers

It works ! It was THAT easy ! Can you suggest how to replace the hair I pulled out ? :-) On 2016-12-29 5:27 PM, Larry Rosenman wrote: > login_access_sockets = tcpwrap > > service tcpwrap { > unix_listener login/tcpwrap { > group = $default_login_user > mode = 0600 > user = $default_login_user > } > } > > > > On Thu, Dec 29, 2016 at

I have compiled dovecot2 for FreeBSD with the tcpwrap option. A tcpwrap binary gets built and resides in the FreeBSD directory /usr/local/libexec/dovecot an examination of the compiled options (using the FreeBSD pkg install dovecot2) confirms: LIBWRAP : on yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap I get the following logged error message: 20161229 17:02:49

hi everybody having I believe sort of plain-vanilla config with section in 10-tcpwrapper.conf as per docs login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } /etc/hosts.deny contains: ALL: given_host and yet dovecot logins IMAP client in whereas other tcpwrapper aware

Hello, I run dovecot-2/Maildir/LDAP user/passdb and would like to be able to deny acess to users who connect from certain domains/IP (google.com for instance since in that case they gave their credentials to a third party). My understanding is that I cannot use some negative form of "allow_nets". The only mechanism I can think of is tcp_wrappers. However, dovecot documentation mention

Hi, 2.0 compiles fine in Solaris but and I've found only one glitch so far. Tcpwapper support needs some tweaks. I need to add CPPFLAGS=/usr/sfw/include because tcpd.h is in there. Then also LDFLAGS='-R/usr/sfw/lib -L/usr/sfw/lib' is needed. It would be nice to have --with-tcpwrap-dir or something. After this linking gives an error Undefined first referenced symbol in file

Hi, I used dovecot 1.x for quite a while and it worked fine. However, I used it through inetd and used hosts.allow/deny to restrict access to only certain groups of systems. Since yesterday I have dovecot 2.0.13. But in version 2.0.13 it seems that starting using inetd doesn't work anymore : I only get a strange error message if I try to connect using telnet : telnet localhost imap

Good Morning, I have a Centos 4.5 (x86_64) server running samba to share data with windows users. We've been going through a security audit and the following log entries were noted: [2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206) get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files [2007/09/24 09:37:29, 1]

Dovecot with libwrap doesn't work on FreeBSD for some reason or another. I have these lines in my /etc/hosts.allow: ALL: LOCAL 127.0.0.1: allow pop3: ALL: allow ALL: ALL: deny Yet when you try to telnet to localhost, port 110 this is what happens: Aug 29 22:48:38 dodo dovecot: pop3-login: Error: connect(tcpwrap) failed: Permission denied I also tried auth_debug=yes to see what's wrong

I have set up entries in /etc/hosts.allow and /etc/hosts.deny as follows: /etc/hosts.allow sendmail : 10.0.0.0/255.0.0.0 sendmail : LOCAL /etc/hosts.deny sendmail : ALL When I try to connect to port 25 from an Internet host via telnet, the server still responds as usual. The only difference I see is this in my /var/log/maillog: Apr 24 15:41:49 server sendmail[20691]: m3OKfna20691: tcpwrappers

Can anyone share the proper config to get wrappers working in dovecot on FreeBSD? The dovecot examples do not seem to work, and I thought perhaps FBSD needs slightly different configs. I've compiled with: -DHAVE_LIBWRAP which I presume is the first step. The example for dovecot.conf in uncommenting: login_access_sockets = tcpwrap merely causes a log error of "imap-login: Error:

On Fri, Aug 21, 2020 at 06:02:49PM +1200, Peter wrote: > On 21/08/20 5:55 pm, Aki Tuomi wrote: > > > At a guess it was removed from the spec for el8 (which does not support > > > tcpwrap) and somehow got removed from el7 by accident. The ghettoforge > > > dovecot23 packages have tcpwrap support for el7: So is el8 truly incompatible with tcpwrap? Or is it just too

I'm trying to kickstart 2.0b3 on my NetBSD system (where 1.2.x works great!), and keep hitting: Fatal: service(tcpwrap) access(/software/dovecot-2.0beta3/libexec/dovecot/tcpwrap) failed: No such file or directory Indeed, that file doesn't exist...but I don't have nor want libwrap. It appears that doveconf includes tcpwrap... service tcpwrap { chroot = client_limit = 1

I don't know if this is RedHat 5.1 specific, but be aware that the version of portmap distributed is the enhanced (Wietse Venema) version. That's great, except for two things. The first is documented, but easy to overlook: "In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name...The upshot of all this is that only network

> On 21/08/2020 08:48 Peter <peter at pajamian.dhs.org> wrote: > > > On 20/08/20 11:02 pm, Thomas Scheunemann wrote: > > Using the Repo http://repo.dovecot.org/ce-2.3-latest after upgrading from > > 2.3.10.1-3 to 2.3.11.3-3 we get numerous error messages like: > > > > dovecot: imap-login: Error: connect(tcpwrap) failed: No such file or directory >

Hi, A few things regarding logging and libwrap.. a) PAM_RHOST patch Back in July, dean gaudet helpfully posted a patch to dovecot PAM_RHOST the remote IP. Is this going to be included in the main dovecot tree? It seems like a worthwhile addition. The more informative and concise the logging the better. See http://www.dovecot.org/list/dovecot/2004-July/004011.html for the original message.

I am unable to get 2.0.beta4 to compile. I get the following errors: /usr/lib64/gcc/x86_64-slackware-linux/4.3.3/../../../../lib64/libwrap.a(hosts_access.o): In function `host_match': hosts_access.c:(.text+0x625): undefined reference to `yp_get_default_domain' collect2: ld returned 1 exit status make[3]: *** [tcpwrap] Error 1 make[3]: Leaving directory

On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote: > On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote: >> A slightly better solution would be a PAM module that uses the same >> syntax as libwrap. Possibly someone has already written such a module. > > Possibly, but only for platforms which use for PAM. Pam is executed so late in the chain that any

I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). (FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order. >From a packaging viewpoint, the effort to update for a release is about 3 minutes plus time to adapt anythhing that has changed. So I'd much rather have releases more often.) In the pkgsrc build, nut finds tcp wrappers because they are part of the base system.

http://bugzilla.mindrot.org/show_bug.cgi?id=973 Summary: sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option. Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: All Status: NEW Severity: normal

I wasn't sur if you're the right person to send the bug reports to... SCO Unixware 7.1.0 (uname: UnixWare) and probably the 2.1.x versions (uname: UNIX_SV) requires also to have USE_PIPES defined. Also when compiling with tcpwrap it doesn't link due to the fact that UW doesn't have setenv() and libwrap have one built-in (duplicate symbols)... Also when using the SSH2 protocol to