Tuomas Toropainen wrote:
Hello everyone
I'm trying to accomplish 2 things:
1) prevent plain logins without ssl/tls over network
2) prevent cyrus admin user(s) from logging in over network
(users are authenticated from ldap and admin(s) from local sasldb)
Here are complete cyrus configuration files (with debugging turned off
and comments stripped):
/etc/cyrus.conf
START {
recover cmd="/usr/sbin/ctl_cyrusdb -r"
delprune cmd="/usr/sbin/cyr_expire -E 3"
tlsprune cmd="/usr/sbin/tls_prune"
}
SERVICES {
imap cmd="imapd -U 30" listen="213.255.190.58:imap"
^^^^
prefork=0 maxchild=100
imaps cmd="imapd -s -U 30"
listen="213.255.190.58:imaps" prefork=0 maxchild=100
imap cmd="imapd -U 30 -C /etc/imapd.conf.localhost"
^^^^
Entries in cyrus.conf need to have unique names, like 'imapext' and
'imapint' or 'imap1', 'imap2', etc
listen="127.0.0.1:imap" prefork=0 maxchild=100
lmtpunix cmd="lmtpd"
listen="/var/spool/postfix/extern/cyrus/lmtp" prefork=0 maxchild=20
sieve cmd="timsieved" listen="localhost:sieve"
prefork=0 maxchild=100
notify cmd="notifyd"
listen="/var/run/cyrus/socket/notify" proto="udp" prefork=1
}
EVENTS {
checkpoint cmd="/usr/sbin/ctl_cyrusdb -c" period=30
delprune cmd="/usr/sbin/cyr_expire -E 3" at=0401
tlsprune cmd="/usr/sbin/tls_prune" at=0401
}
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
