[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The mailq service



...
> Doesn't work for me. I did it the way you suggested above and it still allows
> remote connections to this port. Before, I tried the following:
> 
> /etc/hosts.allow is empty (zmailer-wise)
> 
> /etc/hosts.deny:
> 	mailq: ALL@ALL except ALL@195.205.37.120
> 
> which also didn't work. So, I tried yet different solution - I added the
> mailq service to /etc/inetd.conf and restarted inetd. As it was to be
> expected, inetd refused to service this port since the socket was already
> in use by zmailer. I'm running Zmailer 2.99.50-s5.

Yes, but you didn't configure your ZMailer with  --with-tcp-wrappers
parameter ?   If you did, was it able to find <tcpd.h> file ?
How about -lwrap ?

As you may guess, per default the tcp-wrappers code IS NOT added to
the system.

In 3.* series the 'mailq' protocol will be modified so that nobody
gets in to do queries/administer without proper per-user authenticator.

/Matti Aarnio <mea@nic.funet.fi>