[TriLUG] RH /etc/xinetd.d/pop3s

Jeremy Portzer jeremyp at pobox.com
Thu Apr 17 11:37:26 EDT 2003 

On Thu, 2003-04-17 at 10:53, Turnpike Man wrote:
> I've got a 7.2 and 7.3 system and they have different default values in
> /etc/xinetd.d/pop3s.  I'm about to allow pop3s connections on the 7.2 system. 
> The 7.3 system is currently already working and has this pop3s:
> 
> service pop3s
> {
>         socket_type             = stream
>         wait                    = no
>         user                    = root
>         server                  = /usr/sbin/ipop3d
>         log_on_success         += HOST DURATION
>         log_on_failure         += HOST
>         disable                 = no
> }
> 
> Yet, the 7.2 system has this pop3s:
> 
> service pop3s
> {
>         socket_type             = stream
>         wait                    = no
>         user                    = root
>         server                  = /usr/sbin/ipop3d
>         log_on_success          += USERID
>         log_on_failure          += USERID
>         disable                 = yes
> }
> 

Note that the "USERID" thing refers to the RFC 1413 "ident" protocol. 
The idea behind this protocol is that xinetd will query the connecting
computer to get the Unix userid who's logged on.  However, the whole
thing is considered insecure, and there's often no ident server running
(or it's blocked by a firewall, etc), which causes a huge slowdown in
connections.  So you probably don't want the USERID stuff at all -- and
notice that Red Hat has taken it out of the default configuration for
RHL 7.3 and greater.  

http://www.landfield.com/wu-ftpd/mail-archive/wuftpd-questions/2001/Aug/0091.html

By the way, the man page you should read for all the options is "man
xinetd.conf"

Hope this helps,
Jeremy

-- 
/=====================================================================\
| Jeremy Portzer       jeremyp at pobox.com       trilug.org/~jeremy     |
| GPG Fingerprint: 712D 77C7 AB2D 2130 989F  E135 6F9F F7BC CC1A 7B92 |
\=====================================================================/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20030417/6f0dfc24/attachment.pgp>

More information about the TriLUG mailing list