> On 5.4.2013, at 18.19, Max Pyziur <p...@brama.com> wrote: > >> So my question relates to the second part of the configuration examples >> in the links above: >> >> service tcpwrap { >> unix_listener login/tcpwrap { >> group = $default_login_user >> mode = 0600 >> user = $default_login_user >> } >> } >> >> Where does this code get placed (in dovecot.conf or in one of the files >> in /etc/dovecot/conf.d)? > > Doesn't really matter. I'd put it into conf.d/10-master.conf which has > other services. > >> And regarding $default_login_user, it appears in a comment line in >> /etc/dovecot/conf.d/10-master.conf >> >> Should that line be uncommented? > > Just leave it uncommented and it'll use the default value (which it has > been using so far already).
After some delay, I'm returning to this project. I've made the changes per above. I've put in a test ip address in /etc/hosts.deny like so: dovecot: 166.84.1.2 And then I execute the following from 166.84.1.2 to port 110: bash-3.2$ telnet SiteWhereImConfiguringDovecot 110 Trying SiteWhereImConfiguringDovecot... Connected to SiteWhereImConfiguringDovecot. Escape character is '^]'. +OK Dovecot ready. quit +OK Logging out Connection closed by foreign host. If dovecot is configured with tcp wrappers (which it is; built on a CentOS 6 system, installed and configured per instructions), and the firewall has ports 110 and 143 open, but I'm blocking a particular host through /etc/hosts.deny then I should not be able to telnet to either port 110 or 143; both requests should be blocked from the originating IP, no? Much thanks for your help, Max Pyziur p...@brama.com