On 03/16/2018 10:21 PM, Alexander Dalloz wrote: > Am 16.03.2018 um 13:07 schrieb hw: >> [...] >> # lmtp cmd="lmtpd -a" listen="lmtp:127.0.0.1" prefork=4 >> lmtpunix cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp" >> prefork=4 >> [...] > > Both definitions are wrong: > > 1) the lmtp line > > man cyrus.conf > > listen=<no default> > The UNIX or internet socket to listen on. This string field is required > and takes one of the following forms: > > path > [ host : ] port > > So listen="lmtp:127.0.0.1" is utterly nonsense. It would be > listen="127.0.0.1:lmtp" if you want to restrict access to localhost. Right, that must have come from all the experimentation and gone unnoticed. > 2) the lmtpunix line > > man lmtpd > > -a > > Preauthorize connections initiated on an internet socket, instead > of requiring LMTP AUTH. This should only be used for connections coming > from trusted hosts. > > So no pre-auth on the unix socket. I read it such that '-a' means I don´t need to worry about authorization. Do you mean to say it should only be used when the socket is not a file? If that is so, the manpage should say that, and it should say what the option does when the socket is a file. Maybe it´s ignored for files, maybe it breaks stuff. The manpage does not say that authorization is omitted when the socket is a file, so what does it actually say? > And why do you define a prefork of 4? Why not? The server has 4 cores, and I haven´t read any suggestions yet about how many processes should be preforked. I can imagine it might not make sense or not work at all when the socket is a file and that it might not make sense when the socket is not a file because there are no other hosts connecting. IIRC exim can spawn processes to do deliveries, so it might yet make sense despite no other hosts connect. > > Alexander > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos