Re: up-imapproxy

[Sujit Choudhury]

We got round this problem, with the help of our consultant Mike Knell by 
doing the following changes, in /etc/xinetd.conf

#       disabled        = imap
service imap
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = nobody
        server          = /usr/sbin/stunnel
        server_args     = -c -r cyrus.wmin.ac.uk:993
        flags           = NOLIBWRAP
        only_from       = localhost
}
We have /etc/hosts.deny and /etc/hosts.allow and
So, it should work.

Thanks very much of all the answers.

Regards

Sujit
Alan Thew wrote:
On Mon, 23 Jan 2006 15:03 , Sujit Choudhury 
<[EMAIL PROTECTED]>...:

We are running cyrus on a box called cyrus (version 2.1.18)
We are running webmail/imapproxy on a box called webmail, imapproxy 
version 1.2.2.

Yes want to block answering to 143 from ALL mail clients.   However, 
due to huge amount of connections from webmail (php+horde+imapproxy) 
we are unable to do so.


This will block clients that use STARTTLS surely?

Alan Thew


This hopefully give you some idea of our setup.

Many thanks

Sujit

Dave McMurtrie wrote:

Sujit Choudhury wrote:

We are using cyrus and webmail (on a different box). I wanted to 
comment out imap on /etc/cyrus.conf file, only to find that webmail 
stopped working.  So back to uncomment the line
 imap          cmd="imapd" listen="imap" prefork=5

I suppose we can use stunnel on the webmail machine in the following 
way:
/usr/sbin/stunnel -d 993 -l /usr/sbin/imapd imapd

but this would not solve the problem of imapproxy.

Is there any simple answer?



You left out many details here.  I guess you're trying to prevent 
cyrus from answering on 143 so you can force all clients to use imaps 
over 993?

What version of cyrus are you running?  What version of imapproxy are 
you running?  Is imapproxy running on the same host as your webmail 
app, or is it on your cyrus server?  If imapproxy is on the same host 
as your webmail app and you're running imapproxy 1.2 or newer and 
cyrus 2.1 (I think 2.1 is when Ken added STARTTLS support to cyrus, 
but I could be wrong) or newer you can use STARTTLS between imapproxy 
and cyrus.

Thanks,

Dave
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html