Client access to Message Store servers

From Messaging Server Technical Reference Wiki
Jump to: navigation, search

The TCP client access control mechanism used by Message Store servers such as the POP and IMAP servers, and proxy servers such as the MMP and MSHTTP, uses TCP wrappers. The ENS server also uses this mechanism.

Note that the MMP behaves a bit differently with respect to access control than do the other services, in that the MMP "imap" service controls both IMAP and IMAP+SSL services; that is, it controls both ports 143 and 993. In contrast, other Messaging Server services treat IMAP and IMAP+SSL as separate services, each with their own separate access control.

See also the connlimits option, which may be used to limit the number of connections, (rather than outright blocking). And see the bg* options, such as bgpenalty, which may be configured to penalize failed authentication attempts.

For allowing inspection of (rather than controlling/limiting) when a user last accessed the Message Store, see the enablelastaccess base option. For allowing inspection of what users are currently connected via the IMAP server or via the MSHTTP server, see the enableuserlist IMAP and MSHTTP options. And see the imsconnutil utility for displaying such information.

For access control on the MTA's SMTP server and other Dispatcher services, see instead Mail filtering and access control and in particular the PORT_ACCESS mapping table.

See also: