> De : Bob Miller <b...@computerisms.ca> > > Hi, >> I'm trying to tighten the security a little bit and added in dovecot.conf > >> login_trusted_networks = 192.168.1.0/30 >> Then restarted Dovecot >> >> >> My client has the IP 192.168.1.20 and it's still able to retrieve > emails. I expected it to be forbidden. Am I missing something ? > > My interpretation of the documentation indicates that the trusted > network setting causes certain authentication and security checks to be > bypassed if a computer is in the trusted network, and to not bypass > those authentication and security checks if the computer is not in the > trusted range. I see nothing indicating this setting will "forbid" > anything... > >> I feel that Dovecot is slow. I'm doing my test with my iphone as an > imap client. >> Test 1: I retrieve a mail on a remote server provided by a hosting company, > it takes 2 seconds >> Test 2: I retrieve a mail on my server which is on my LAN, the mail > includes a few letters in the subject and a few letters in the body. The > action > takes about 8 seconds. >> It's quite subtule to measure so first I would like to know if Dovecot > tries to do a dns reverse lookup or something like that. And it would explain > the overhead. > > I don't know about the reverse lookup, but this sounds like a caching > issue to me. http://wiki2.dovecot.org/IndexFiles
Hello Bob, Thank you for this clarification about the parameter login_trusted_networks. Regarding the indexfiles, I've read the page but I don't see at any moment, how to enable or disable the indexes. Also how do you understand this sentence "# Don't use mmap() at all. This is required if you store indexes to shared # filesystems (NFS or clustered filesystem) or for some operating systems # which use a separate cache for mmap, such as OpenBSD. mmap_disable = yes" I've read it 10 times, and I don't know if this should be set to yes or no (probably because my english is not perfect). My operating system is OpenBSD and I don't share NFS or cluster filesystems. Thank you