[prev in list] [next in list] [prev in thread] [next in thread]
List: popa3d-users
Subject: Re: Re[2]: Question about using popa3d and stunnel
From: Daniel Leite <dleite+popa3d () ccg ! pt>
Date: 2002-12-23 19:41:28
[Download RAW message or body]
Hi again
On Mon, 23 Dec 2002 12:41:04 -0600
James Olsen <jamesml@planetolsen.com> wrote:
> DL> the stunnel is a group and user JUST for stunnel
> DL> the /var/run/stunnel must have a etc/hosts.allow and
> DL> a etc/hosts.deny for proper tcp filter
> Please forgive me, I'm pretty new to configuration of these files. I'm
> not sure what I need to put into the hosts.allow and hosts.deny files
> regarding stunnel. May I ask to see what you've set up in your files?
make a etc directory in your defined chroot, root owned
do a create there a hosts.deny file with the line
ALL:ALL
then create the hosts.allow file and put there this
pop3s:all
ssmtp:all
imaps:all
change the "all" to the networks allowed to connect to this
services... exemple:
pop3s: 192.168. 127.0.0.1 200.200.200. test.com
this will allow connection to all computeres from
192.168.0.0/16, 127.0.0.1 (localhost) 200.200.200.0/24 and
finally all those that the reverse DNS ends with test.com
put here more services that you are using in stunnel so it
can accept connections or reject then
dont forget to configure the /etc/hosts.allow and .deny to
allow at least the localhost access for the popa3d
test it with telnet localhost 110
good luck
higuita
ps: please use the email dleite+popa3d @ ccg.pt instead of the dleite that i wrongly \
sent in the other message
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic