Thanks for your prompt solution...
This is my mail server...serving smtp, pop, imap and http...So do u think its the perfect solution for me to control access 110 port?
I tried with hosts.allow it doesn't work. if dovecot doesn't have any ACL system then i think ip filtering is the only solution isn't it? Thanking Sharif
kasharif@citech-bd.com wrote:
Hi, Can someone tell me how can I restrict 110 port access other than my IP block? if it through tcp-wrapper then how can i do that? Thanking Sharif
i would do it with netfilter/iptables (assuming you're on linux, with a recent enough distribution. Under bsd, use ipfilter, it's similar)
something like:
iptables -t filter -P INPUT DROP iptables -t filter -A INPUT -p tcp --dport 110 --source 10.0.0.0/8 -j ACCEPT iptables -t filter -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
this rule would block any incoming traffic except to port 110 coming from 10.x.x.x, and would allow any outgoing traffic
i quickly write it from memory, so there may be errors (i mean, verify it :), and of course you should adapt it to your specific setup.
--
\|||/ (o o) Matthieu ImbertooO-(_)-Ooo------------------------------------------