Displaying 20 results from an estimated 3000 matches similar to: "LMTP ignoring tcpwrappers"
2016 Dec 30
1
FreeBSD / dovecot 2.2.27 / libwrap
It works !
It was THAT easy !
Can you suggest how to replace the hair I pulled out ? :-)
On 2016-12-29 5:27 PM, Larry Rosenman wrote:
> login_access_sockets = tcpwrap
>
> service tcpwrap {
> unix_listener login/tcpwrap {
> group = $default_login_user
> mode = 0600
> user = $default_login_user
> }
> }
>
>
>
> On Thu, Dec 29, 2016 at
2016 Dec 30
1
FreeBSD / dovecot 2.2.27 / libwrap
I have compiled dovecot2 for FreeBSD with the tcpwrap option.
A tcpwrap binary gets built and resides in the FreeBSD directory
/usr/local/libexec/dovecot
an examination of the compiled options (using the FreeBSD pkg install
dovecot2) confirms: LIBWRAP : on
yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap
I get the following logged error message:
20161229 17:02:49
2013 Jul 03
1
tcpwrappers
hi everybody
having I believe sort of plain-vanilla config with section
in 10-tcpwrapper.conf
as per docs
login_access_sockets = tcpwrap
service tcpwrap {
unix_listener login/tcpwrap {
group = $default_login_user
mode = 0600
user = $default_login_user
}
}
/etc/hosts.deny contains:
ALL: given_host
and yet dovecot logins IMAP client in
whereas other tcpwrapper aware
2011 Feb 09
4
Domain blacklisting
Hello,
I run dovecot-2/Maildir/LDAP user/passdb and would like to be able to deny
acess to users who connect from certain domains/IP (google.com for instance
since in that case they gave their credentials to a third party).
My understanding is that I cannot use some negative form of "allow_nets". The
only mechanism I can think of is tcp_wrappers. However, dovecot documentation
mention
2010 Feb 25
2
dovecot-2.0.beta3 tcpwrapper support in Solaris
Hi,
2.0 compiles fine in Solaris but and I've found only one glitch so far.
Tcpwapper support needs some tweaks. I need to add
CPPFLAGS=/usr/sfw/include because tcpd.h is in there. Then also
LDFLAGS='-R/usr/sfw/lib -L/usr/sfw/lib' is needed. It would be nice to
have --with-tcpwrap-dir or something.
After this linking gives an error
Undefined first referenced symbol in file
2011 Jul 27
1
dovecot and tcpwrappers
Hi,
I used dovecot 1.x for quite a while and it worked fine. However, I used it
through inetd and used hosts.allow/deny to restrict access to only certain
groups of systems.
Since yesterday I have dovecot 2.0.13. But in version 2.0.13 it seems that
starting using inetd doesn't work anymore : I only get a strange error
message if I try to connect using telnet :
telnet localhost imap
2007 Sep 25
1
Samba and TCPWrappers
Good Morning,
I have a Centos 4.5 (x86_64) server running samba to share data with
windows users. We've been going through a security audit and the
following log entries were noted:
[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files
[2007/09/24 09:37:29, 1]
2011 Aug 29
1
dovecot w/ libwrap on fbsd
Dovecot with libwrap doesn't work on FreeBSD for some reason or another.
I have these lines in my /etc/hosts.allow:
ALL: LOCAL 127.0.0.1: allow
pop3: ALL: allow
ALL: ALL: deny
Yet when you try to telnet to localhost, port 110 this is what happens:
Aug 29 22:48:38 dodo dovecot: pop3-login: Error: connect(tcpwrap) failed: Permission denied
I also tried auth_debug=yes to see what's wrong
2008 Apr 24
3
TCPWrappers + Sendmail = not working
I have set up entries in /etc/hosts.allow and /etc/hosts.deny as follows:
/etc/hosts.allow
sendmail : 10.0.0.0/255.0.0.0
sendmail : LOCAL
/etc/hosts.deny
sendmail : ALL
When I try to connect to port 25 from an Internet host via telnet, the
server still responds as usual. The only difference I see is this in
my /var/log/maillog:
Apr 24 15:41:49 server sendmail[20691]: m3OKfna20691: tcpwrappers
2016 Nov 14
2
dovecot / tcp-wrappers / FBSD 10.3
Can anyone share the proper config to get wrappers working in dovecot on
FreeBSD?
The dovecot examples do not seem to work, and I thought perhaps FBSD
needs slightly different configs.
I've compiled with: -DHAVE_LIBWRAP
which I presume is the first step.
The example for dovecot.conf in uncommenting:
login_access_sockets = tcpwrap
merely causes a log error of "imap-login: Error:
2020 Aug 21
2
RHEL7/CentOS7 RPM of dovecot 2.3.11.3-3 seems to have dropped tcpwrap support
On Fri, Aug 21, 2020 at 06:02:49PM +1200, Peter wrote:
> On 21/08/20 5:55 pm, Aki Tuomi wrote:
> > > At a guess it was removed from the spec for el8 (which does not support
> > > tcpwrap) and somehow got removed from el7 by accident. The ghettoforge
> > > dovecot23 packages have tcpwrap support for el7:
So is el8 truly incompatible with tcpwrap? Or is it just too
2010 Mar 07
1
2.0 beta 3 w/o libwrap?
I'm trying to kickstart 2.0b3 on my NetBSD system (where 1.2.x works
great!), and keep hitting:
Fatal: service(tcpwrap)
access(/software/dovecot-2.0beta3/libexec/dovecot/tcpwrap) failed: No
such file or directory
Indeed, that file doesn't exist...but I don't have nor want libwrap. It
appears that doveconf includes tcpwrap...
service tcpwrap {
chroot =
client_limit = 1
1998 Dec 15
1
portmap & tcpwrappers
I don't know if this is RedHat 5.1 specific, but be aware that the version
of portmap distributed is the enhanced (Wietse Venema) version. That's
great, except for two things. The first is documented, but easy to overlook:
"In order to avoid deadlocks, the portmap program does not attempt to look
up the remote host name or user name...The upshot of all this is that only
network
2020 Aug 21
2
RHEL7/CentOS7 RPM of dovecot 2.3.11.3-3 seems to have dropped tcpwrap support
> On 21/08/2020 08:48 Peter <peter at pajamian.dhs.org> wrote:
>
>
> On 20/08/20 11:02 pm, Thomas Scheunemann wrote:
> > Using the Repo http://repo.dovecot.org/ce-2.3-latest after upgrading from
> > 2.3.10.1-3 to 2.3.11.3-3 we get numerous error messages like:
> >
> > dovecot: imap-login: Error: connect(tcpwrap) failed: No such file or directory
>
2004 Oct 29
2
Logging and libwrap
Hi,
A few things regarding logging and libwrap..
a) PAM_RHOST patch
Back in July, dean gaudet helpfully posted a patch to dovecot PAM_RHOST the
remote IP. Is this going to be included in the main dovecot tree? It
seems like a worthwhile addition. The more informative and concise the
logging the better.
See http://www.dovecot.org/list/dovecot/2004-July/004011.html for the original
message.
2010 Mar 24
1
2.0.beta4 compile errors
I am unable to get 2.0.beta4 to compile. I get the following errors:
/usr/lib64/gcc/x86_64-slackware-linux/4.3.3/../../../../lib64/libwrap.a(hosts_access.o):
In function `host_match':
hosts_access.c:(.text+0x625): undefined reference to `yp_get_default_domain'
collect2: ld returned 1 exit status
make[3]: *** [tcpwrap] Error 1
make[3]: Leaving directory
2014 Apr 23
3
hackers celebrate this day: openssh drops security! was: Re: heads up: tcpwrappers support going away
On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote:
> On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote:
>> A slightly better solution would be a PAM module that uses the same
>> syntax as libwrap. Possibly someone has already written such a module.
>
> Possibly, but only for platforms which use for PAM.
Pam is executed so late in the chain that any
2023 Nov 09
2
2.8.1 build buglet: sockdebug.c
I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix).
(FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order.
>From a packaging viewpoint, the effort to update for a release is about
3 minutes plus time to adapt anythhing that has changed. So I'd much
rather have releases more often.)
In the pkgsrc build, nut finds tcp wrappers because they are part of the
base system.
2005 Jan 17
19
[Bug 973] sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option.
http://bugzilla.mindrot.org/show_bug.cgi?id=973
Summary: sshd behaves differently while doing syslog entries for
tcpwrappers denied message, with -r and without -r
option.
Product: Portable OpenSSH
Version: 3.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
2001 Feb 12
1
OpenSSH 2.3.0p1 bug with SCO UnixWare 7.1.0
I wasn't sur if you're the right person to send the bug reports to...
SCO Unixware 7.1.0 (uname: UnixWare) and probably the 2.1.x versions
(uname: UNIX_SV)
requires also to have USE_PIPES defined.
Also when compiling with tcpwrap it doesn't link due to the fact that UW
doesn't have setenv() and libwrap have one built-in (duplicate
symbols)...
Also when using the SSH2 protocol to