Nigel Metheringham edited this page Nov 29, 2012 · 2 revisions



How can I use tcpwrappers in conjunction with Exim?


Exim's own control facilities can do all that tcpwrappers can do. However, if you are already using tcpwrappers for other things it might be convenient to include Exim controls in the same place. First of all, ensure that Exim is built to call the tcpwrappers library, by including USE_TCPWRAPPERS=yes in Local/Makefile. You also need to ensure that the header file tcpd.h is available at compile time, and the libwrap.a library is available at link time, typically by including it in EXTRALIBS. You may need to copy these two files from the tcpwrappers build directory to, for example, /usr/local/include and /usr/local/lib, respectively. Then you could reference them by

EXTRALIBS=-L/usr/local/lib -lwrap

in Local/Makefile. There are two ways to make use of the functionality, depending on how you have tcpwrappers set up. If you have it set up to use only one file, you ought to have something like:


exim : <client_list>  : <allow_or_deny>

For example:

exim : LOCAL  192.168.0.  .friendly.domain : ALLOW
exim : ALL                                               : DENY

This allows connections from local hosts (chiefly localhost), from the subnet, from all hosts in *.friendly.domain, and from a specific host called**. All other connections are denied. If you have tcpwrappers set up to use two files, use the following:


exim    : <client_list>


exim    : <client_list>

Read the hosts_access man page for more ways of specifying clients, including ports, etc., and on logging connections.

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.