Charles:
I believe your points are valid. But I'm just stuborn, I suppose :)
So stuborn as a matter of fact, that I patched qmail-smptd this weekend
to read a new control file which I called ipaddrallowed. In which I can
put things like 192.168. or a full IP addr. If the source address of
the client (as found via 'remoteip') matches those in the file, then the
connect/relay is allowed. That way, I can have only my domain in
rcpthosts, but allow my other clients access. Since I'm on a private
network and behind a firewall, I don't have to worry about spoofed
source addresses. As a matter of fact, I configured email access for my
son today while we were at my office (he's outta school and doesn't have
camp this week -- oh joy!) Anyway, all I did was add the a.b.c.d
address of the machine he was using in ipaddrallow and presto, he was
style'n!
;-)
David
Charles Cazabon wrote:
>
> David Means <[EMAIL PROTECTED]> wrote:
>
> > Charles Cazabon wrote:
> > >
> > > Eduardo Gargiulo <[EMAIL PROTECTED]> wrote:
> > > >
> > > > I had installed qmail and it's running ok. All the examples says to add
> > > > a line in /etc/inetd.conf to run qmail-smtpd, but I don't know how to
> > > > configure it in xinetd. Where can I find an xinetd example and what is
> > > > tcp-env for?
> > >
> > > Running qmail from inetd is deprecated. Download ucspi-tcp and run it
> > > under tcpserver.
> >
> > I personally don't care to run tcpserver, although I've run it in the past,
> > and it worked well at that time. tcpserver is nothing but a wrapper to
> > enable one to 1) log connections, and 2) keep unallowed hosts out. Xinetd
> > does that for me. Why would any one want to run two servers that can do the
> > same thing?
>
> tcpserver does much more than this; in particular, the ability to arbitrarily
> set environment variables on a per-IP or per-hostname basis is particularly
> valuable in controlling certain aspects of qmail's behaviour. I also find
> that tcpserver's controls on maximum concurrency are much better suited to
> controlling services than inetd/xinetd. I've also never had tcpserver crash,
> for any reason -- not something I can say about inetd/xinetd.
>
> Charles
> --
> -----------------------------------------------------------------------
> Charles Cazabon <[EMAIL PROTECTED]>
> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
> Any opinions expressed are just that -- my opinions.
> -----------------------------------------------------------------------
