Feature request: exclude IP/network in allow_nets extra field

Malcolm dovecot at r.paypc.com
Tue Apr 30 09:32:17 EEST 2019


On 4/29/2019 11:20 PM, Zhang Huangbin via dovecot wrote:
> I understand what "allow" means. But it will be very handy to 
> support something like "!a.b.c.d" to allow all but just exclude few
> IPs/networks. Isn't it? :)
I'm not sure why:

iptables -A INPUT -p tcp --match multiport --syn ! -s a.b.c.d/netmask \
--dports 110,143,993,995 -j REJECT

doesn't do what you want.

Or do you want some kind of "friendlier" message to be provided once the 
user(s) login from the blocked IP#s to tell them why they can't login?

=M=


More information about the dovecot mailing list