On 03/16/2018 10:21 PM, Alexander Dalloz wrote:
Am 16.03.2018 um 13:07 schrieb hw:
[...]
# lmtp cmd="lmtpd -a" listen="lmtp:127.0.0.1" prefork=4
lmtpunix cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp"
prefork=4
[...]
Both definitions are wrong:
1) the lmtp line
man cyrus.conf
listen=<no default>
The UNIX or internet socket to listen on. This string field is required
and takes one of the following forms:
path
[ host : ] port
So listen="lmtp:127.0.0.1" is utterly nonsense. It would be
listen="127.0.0.1:lmtp" if you want to restrict access to localhost.
Right, that must have come from all the experimentation and gone unnoticed.
2) the lmtpunix line
man lmtpd
-a
Preauthorize connections initiated on an internet socket, instead
of requiring LMTP AUTH. This should only be used for connections coming
from trusted hosts.
So no pre-auth on the unix socket.
I read it such that '-a' means I don´t need to worry about authorization.
Do you mean to say it should only be used when the socket is not a file?
If that is so, the manpage should say that, and it should say what the
option does when the socket is a file. Maybe it´s ignored for files,
maybe it breaks stuff. The manpage does not say that authorization is
omitted when the socket is a file, so what does it actually say?
And why do you define a prefork of 4?
Why not? The server has 4 cores, and I haven´t read any suggestions yet
about how many processes should be preforked. I can imagine it might
not make sense or not work at all when the socket is a file and that it
might not make sense when the socket is not a file because there are no
other hosts connecting. IIRC exim can spawn processes to do deliveries,
so it might yet make sense despite no other hosts connect.
Alexander
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
