Ability to listen to network socket

[dene14]

Hello Andrew!

Will it take much effort to have an ability to work with a network socket? Any cons on its usage?

Thank you!

[AGWA]

Hi @dene14,

This isn't documented, but you can pass the following to the socket option to listen on the given TCP port:

inet:1234@localhost

That will listen on the loopback interface only. To listen on all interfaces, replace localhost with 0.0.0.0.

I haven't tested this extensively or used it in production, but it should work. The main downside is that it's less secure, particularly if you listen on all interfaces. The milter protocol has no authentication, so anyone who can connect to the socket can interact with the milter. With UNIX domain sockets you don't have to worry about this since you can use file permissions to make sure only your MTA can connect.

[dene14]

Ah... I was too asleep to try standard milter's socket definition. Thanks!

P.S. you're right, it's better to add that in examples :)

2014-12-16 1:23 GMT+03:00 Andrew Ayer notifications@github.com:

Hi @dene14 https://github.com/dene14,

This isn't documented, but you can pass the following to the socket option to listen on the given TCP port:

inet:1234@localhost

That will listen on the loopback interface only. To listen on all interfaces, replace localhost with 0.0.0.0.

I haven't tested this extensively or used it in production, but it should work. The main downside is that it's less secure, particularly if you listen on all interfaces. The milter protocol has no authentication, so anyone who can connect to the socket can interact with the milter. With UNIX domain sockets you don't have to worry about this since you can use file permissions to make sure only your MTA can connect.

— Reply to this email directly or view it on GitHub https://github.com/AGWA/batv-tools/issues/4#issuecomment-67077733.

[AGWA]

I just released batv-tools 0.6. Non-UNIX sockets are now documented in both the batv-milter(8) man page and the example batv-milter.conf file.