Feature request: exclude IP/network in allow_nets extra field

Zhang Huangbin zhb at iredmail.org
Wed May 1 05:21:31 EEST 2019



> On Apr 30, 2019, at 2:32 PM, Malcolm via dovecot <dovecot at dovecot.org> wrote:
> 
> On 4/29/2019 11:20 PM, Zhang Huangbin via dovecot wrote:
>> I understand what "allow" means. But it will be very handy to support something like "!a.b.c.d" to allow all but just exclude few
>> IPs/networks. Isn't it? :)
> I'm not sure why:
> 
> iptables -A INPUT -p tcp --match multiport --syn ! -s a.b.c.d/netmask \
> --dports 110,143,993,995 -j REJECT

Dear Malcolm,

Thanks for your reply.
As mentioned earlier, this per-user access control, not for all users. This firewall rule blocks all users, not just few users.


More information about the dovecot mailing list