Feature request: exclude IP/network in allow_nets extra field
    Zhang Huangbin 
    zhb at iredmail.org
       
    Wed May  1 05:21:31 EEST 2019
    
    
  
> On Apr 30, 2019, at 2:32 PM, Malcolm via dovecot <dovecot at dovecot.org> wrote:
> 
> On 4/29/2019 11:20 PM, Zhang Huangbin via dovecot wrote:
>> I understand what "allow" means. But it will be very handy to support something like "!a.b.c.d" to allow all but just exclude few
>> IPs/networks. Isn't it? :)
> I'm not sure why:
> 
> iptables -A INPUT -p tcp --match multiport --syn ! -s a.b.c.d/netmask \
> --dports 110,143,993,995 -j REJECT
Dear Malcolm,
Thanks for your reply.
As mentioned earlier, this per-user access control, not for all users. This firewall rule blocks all users, not just few users.
    
    
More information about the dovecot
mailing list