On 03/16/2018 10:21 PM, Alexander Dalloz wrote:
Am 16.03.2018 um 13:07 schrieb hw:
[...] # lmtp cmd="lmtpd -a" listen="lmtp:127.0.0.1" prefork=4 lmtpunix cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp" prefork=4 [...]
Both definitions are wrong:
- the lmtp line
man cyrus.conf
listen=<no default> The UNIX or internet socket to listen on. This string field is required and takes one of the following forms:
path [ host : ] port
So listen="lmtp:127.0.0.1" is utterly nonsense. It would be listen="127.0.0.1:lmtp" if you want to restrict access to localhost.
Right, that must have come from all the experimentation and gone unnoticed.
- the lmtpunix line
man lmtpd
-a
Preauthorize connections initiated on an internet socket, instead of requiring LMTP AUTH. This should only be used for connections coming from trusted hosts.
So no pre-auth on the unix socket.
I read it such that '-a' means I don´t need to worry about authorization.
Do you mean to say it should only be used when the socket is not a file? If that is so, the manpage should say that, and it should say what the option does when the socket is a file. Maybe it´s ignored for files, maybe it breaks stuff. The manpage does not say that authorization is omitted when the socket is a file, so what does it actually say?
And why do you define a prefork of 4?
Why not? The server has 4 cores, and I haven´t read any suggestions yet about how many processes should be preforked. I can imagine it might not make sense or not work at all when the socket is a file and that it might not make sense when the socket is not a file because there are no other hosts connecting. IIRC exim can spawn processes to do deliveries, so it might yet make sense despite no other hosts connect.
Alexander
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos