[CentOS] cyrus: socket options
hw
hw at gc-24.de
Sat Mar 17 12:10:38 UTC 2018
On 03/16/2018 10:21 PM, Alexander Dalloz wrote:
> Am 16.03.2018 um 13:07 schrieb hw:
>> [...]
>> # lmtp cmd="lmtpd -a" listen="lmtp:127.0.0.1" prefork=4
>> lmtpunix cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp"
>> prefork=4
>> [...]
>
> Both definitions are wrong:
>
> 1) the lmtp line
>
> man cyrus.conf
>
> listen=<no default>
> The UNIX or internet socket to listen on. This string field is required
> and takes one of the following forms:
>
> path
> [ host : ] port
>
> So listen="lmtp:127.0.0.1" is utterly nonsense. It would be
> listen="127.0.0.1:lmtp" if you want to restrict access to localhost.
Right, that must have come from all the experimentation and gone unnoticed.
> 2) the lmtpunix line
>
> man lmtpd
>
> -a
>
> Preauthorize connections initiated on an internet socket, instead
> of requiring LMTP AUTH. This should only be used for connections coming
> from trusted hosts.
>
> So no pre-auth on the unix socket.
I read it such that '-a' means I don´t need to worry about authorization.
Do you mean to say it should only be used when the socket is not a file?
If that is so, the manpage should say that, and it should say what the
option does when the socket is a file. Maybe it´s ignored for files,
maybe it breaks stuff. The manpage does not say that authorization is
omitted when the socket is a file, so what does it actually say?
> And why do you define a prefork of 4?
Why not? The server has 4 cores, and I haven´t read any suggestions yet
about how many processes should be preforked. I can imagine it might
not make sense or not work at all when the socket is a file and that it
might not make sense when the socket is not a file because there are no
other hosts connecting. IIRC exim can spawn processes to do deliveries,
so it might yet make sense despite no other hosts connect.
>
> Alexander
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list