Client access to Message Store servers
The TCP client access control mechanism used by Message Store servers such as the POP and IMAP servers, and proxy servers such as the MMP and MSHTTP, uses TCP wrappers. The ENS server also uses this mechanism.
Note that the MMP behaves a bit differently with respect to access control than do the other services, in that the MMP "
imap" service controls both IMAP and IMAP+SSL services; that is, it controls both ports 143 and 993. In contrast, other Messaging Server services treat IMAP and IMAP+SSL as separate services, each with their own separate access control.
See also the
connlimits option, which may be used to limit the number of connections, (rather than outright blocking). And see the
bg* options, such as
bgpenalty, which may be configured to penalize failed authentication attempts.
For allowing inspection of (rather than controlling/limiting) when a user last accessed the Message Store, see the
enablelastaccess base option. For allowing inspection of what users are currently connected via the IMAP server or via the MSHTTP server, see the
enableuserlist IMAP and MSHTTP options. And see the
imsconnutil utility for displaying such information.
- TCP wrappers
- connlimits Option
- bgpenalty Option
- Mail filtering and access control
- Connection access control
- Defending against denial of service attacks
- PORT_ACCESS mapping table
- ENS options
- IMAP options
- MMP and IMAP Proxy and POP Proxy and vdomain options
- MSHTTP options
- POP options
- enablelastaccess Option
- enableuserlist Option
- The Message Store