You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2012/10/16 20:50:12 UTC
[Bug 6840] Documentation for IPV6 in spamd inconsistent
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6840
--- Comment #2 from Mark Martinec <Ma...@ijs.si> ---
Done. Proofreading appreciated.
> In general, there's no mention of IPV6 documentation in the spamd manpage.
> This includes:
> 1) For -i, stating that it will "listen on all interfaces" if no address is
> given, and then saying that this is equal to 0.0.0.0. If anything, that
> should at least be amended to "listen on all ipv4 interfaces".
Fixed - with changes in Bug 6841. The --listen (a.k.a. -i) can now be
specified multiple times and can deal with IPv4, IPv6 and Unix sockets:
Usage:
-i [ip_or_name[:port]], --listen=[ip_or_name[:port]] Listen on IP addr and
port
The --listen option (or -i) may be specified multiple times, its syntax
is: [ ssl: ] [ host-name-or-IP-address ] [ : port ] or an absolute path
(filename) of a Unix socket. If port is omitted it defaults to --port or
to 783. Option --ssl implies a prefix 'ssl:'. An IPv6 address should be
enclosed in square brackets, e.g. [::1]:783, an IPv4 address may be but
need not be enclosed in square brackets. An asterisk '*' in place of a
hostname implies an unspecified address, ('0.0.0.0' or '::'), i.e. it
binds to all interfaces. An empty option value implies '*'.
POD:
=item B<-i> [I<ipaddress>[:<port>]], B<--listen>[=I<ipaddress>[:<port>]]
Additional alias names for this option are --listen-ip and --ip-address.
Tells spamd to listen on the specified IP address (defaults to a loopback
address). If no value is specified after the switch, or an asterisk '*'
stands in place of <ipaddress>, spamd will listen on all interfaces - this
is equivalent to address '0.0.0.0' for IPv4 and to '::' for IPv6.
You can also use a valid hostname which will make spamd listen on all
addresses that a name resolves to. The option may be specified multiple
times. See also options -4 and -6 for restricting address family to IPv4
or to IPv6. If a port is specified it overrides the --port (and --ssl-port)
setting for this socket. An IPv6 addresses should be enclosed in square
brackets, e.g. [::1]:783. For compatibility the square brackets on an IPv6
address may be omitted if a port number specification is also omitted.
=item B<-p> I<port>, B<--port>=I<port>
Optionally specifies the port number for the server to listen on (default:
783).
If the B<--ssl> switch is used, and B<--ssl-port> is not supplied, then this
port will be used to accept SSL connections instead of unencrypted connections.
If the B<--ssl> switch is used, and B<--ssl-port> is set, then unencrypted
connections will be accepted on the B<--port> at the same time as encrypted
connections are accepted at B<--ssl-port>.
=item B<-4>, B<--ipv4only>, B<--ipv4-only>, B<--ipv4>
Use IPv4 where applicable, do not use IPv6.
The option affects a set of listen sockets (see option C<--listen>)
and disables IPv6 for DNS tests.
=item B<-6>
Use IPv6 where applicable, do not use IPv4.
The option affects a set of listen sockets, see option C<--listen>.
Installing a module IO::Socket::IP is recommended if spamd is expected
to receive requests over IPv6.
> 2) No examples of an ipv6 address for the -A option. Additionally,
> it should probably be brought into compliance with RFC5737 and RFC4839,
> which define address blocks reserved for documentation purposes for
> ipv4 and ipv6, respectively.
Done:
=item B<-A> I<host,...>, B<--allowed-ips>=I<host,...>
Specify a comma-separated list of authorized hosts or networks which
can connect to this spamd instance. Each element of the list is either a
single IP addresses, or a range of IP addresses in address/masklength CIDR
notation, or ranges of IPv4 addresses by specifying 3 or less octets with
a trailing dot. Hostnames are not supported, only IPv4 or IPv6 addresses.
This option can be specified multiple times, or can take a list of addresses
separated by commas. IPv6 addresses may be (but need not be) enclosed
in square brackets for consistency with option B<--listen>. Examples:
B<-A 10.11.12.13> -- only allow connections from C<10.11.12.13>.
B<-A 10.11.12.13,10.11.12.14> -- only allow connections from C<10.11.12.13> and
C<10.11.12.14>.
B<-A 10.200.300.0/24> -- allow connections from any machine in the range
C<10.200.300.*>.
B<-A 10.> -- allow connections from any machine in the range C<10.*.*.*>.
B<-A [2001:db8::]/32,192.0.2.0/24,::1,127.0.0.0/8> -- only accept
connections from specified test networks and from localhost.
In absence of the B<-A> option, connections are only accepted from
IP address 127.0.0.1 or ::1, i.e. from localhost on a loopback interface.
> 3) No clarification of the fact that -i can be specified only once (this
> is really another bug -- but if the bug stands, it should be noted here.)
Done.
> Note that there are other bugs being filed which I'll link to here in
> subsequent comments.
Done.
--
You are receiving this mail because:
You are the assignee for the bug.