[Dovecot] Filtering IP address connections ?
Hello
Is it possible to refuse connections from some IP address in Dovecot configuration ?
Thanks
why not make things easier and use your OS packet filter for that ? iptables for linux, for example
Em 18/10/2010 10:22, Frank Bonnet escreveu:
Hello
Is it possible to refuse connections from some IP address in Dovecot configuration ?
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertrudes@solutti.com.br
My SPAMTRAP, do not email itLe 18.10.2010 14:32, Leonardo Rodrigues a écrit :
why not make things easier and use your OS packet filter for that ?iptables for linux, for example
Em 18/10/2010 10:22, Frank Bonnet escreveu:
Hello
Is it possible to refuse connections from some IP address in Dovecot configuration ?
with sieve is also possible: I give an example
require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
if anyof ( header :contains "Received" [ "[4.63.*.*", ] { reject text: I am not taking mail from you, and I don't want your birdseed, either! it is UBE UCE no talking to me please! see you letter ? . ; }
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7
On 2010-10-18 8:49 AM, fakessh@fakessh.eu wrote:
with sieve is also possible: I give an example
require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
if anyof ( header :contains "Received" [ "[4.63.*.*", ] { reject text: I am not taking mail from you, and I don't want your birdseed, either! it is UBE UCE no talking to me please! see you letter ? . ; }
Imho it is a waste of time and energy to do this - just let your MTA and/or firewall do the heavy lifting...
--
Best regards,
Charles
Le 18.10.2010 15:24, Charles Marcus a écrit :
On 2010-10-18 8:49 AM, fakessh@fakessh.eu wrote:
with sieve is also possible: I give an example
require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
if anyof ( header :contains "Received" [ "[4.63.*.*", ] { reject text: I am not taking mail from you, and I don't want your birdseed, either! it is UBE UCE no talking to me please! see you letter ? . ; }
Imho it is a waste of time and energy to do this - just let your MTA and/or firewall do the heavy lifting...
so it is pure sieve scripting
-- http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7
On Mon, 18 Oct 2010 14:49:50 +0200 fakessh@fakessh.eu articulated:
Le 18.10.2010 14:32, Leonardo Rodrigues a écrit :
why not make things easier and use your OS packet filter forthat ? iptables for linux, for example
Em 18/10/2010 10:22, Frank Bonnet escreveu:
Hello
Is it possible to refuse connections from some IP address in Dovecot configuration ?
with sieve is also possible: I give an example
require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
if anyof ( header :contains "Received" [ "[4.63.*.*", ] { reject text: I am not taking mail from you, and I don't want your birdseed, either! it is UBE UCE no talking to me please! see you letter ? . ; }
Perhaps I am confused, but why are you doing this at the LDA level? You cannot legitimately bounce mail from there without becoming a source of backscatter. Why not filter these messages at the MTA level. Postfix, as one example, has ways of accomplishing just this sort of behavior.
-- Jerry ✌ Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
OK folks
I'll let the firewall do the job !
Thanks
On 10/18/2010 03:40 PM, Jerry wrote:
On Mon, 18 Oct 2010 14:49:50 +0200 fakessh@fakessh.eu articulated:
Le 18.10.2010 14:32, Leonardo Rodrigues a écrit :
why not make things easier and use your OS packet filter forthat ? iptables for linux, for example
Em 18/10/2010 10:22, Frank Bonnet escreveu:
Hello
Is it possible to refuse connections from some IP address in Dovecot configuration ?
with sieve is also possible: I give an example
require ["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
if anyof ( header :contains "Received" [ "[4.63.*.*", ] { reject text: I am not taking mail from you, and I don't want your birdseed, either! it is UBE UCE no talking to me please! see you letter ? . ; } Perhaps I am confused, but why are you doing this at the LDA level? You cannot legitimately bounce mail from there without becoming a source of backscatter. Why not filter these messages at the MTA level. Postfix, as one example, has ways of accomplishing just this sort of behavior.
Le 18.10.2010 16:34, Frank Bonnet a écrit :
OK folks
I'll let the firewall do the job !
Thanks
and check the config to postfix it is easy to implement custom cidr table
-- http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7
participants (5)
-
Charles Marcus
-
fakessh@fakessh.eu
-
Frank Bonnet
-
Jerry
-
Leonardo Rodrigues