Results 1 to 9 of 9

Thread: Prohibit IMAP/POP3 from specific ip's?

  1. #1
    Join Date
    Feb 2007
    Posts
    5
    Rep Power
    8

    Default Prohibit IMAP/POP3 from specific ip's?

    Is there any way to prevent a number IP addresses from checking their mail via POP3s/IMAPs ? I want to avoid people downloading their emails from a number of specific locations for security reason i will not go into.

    Love to hear suggestions on how to do it, thanks.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Block them at your firewall.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Feb 2007
    Posts
    5
    Rep Power
    8

    Default

    Yes, that would seem the most logical and was my initial idea as well. There is one problem however that makes it more difficult (and that I forgot to mention in the initial post).

    The IP's in question should only be disallowed to "download" mail, not read it via the webinterface and/or visit the hosted sites on the server. ie, it's ports 110, 143, 993 and 995 that need to be blocked.
    I don't know if it is possible to use iptables to only block specific ports for a certain IP.

    FYI: i'm using MonMotha's Firewall script

  4. #4
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    21

    Default

    Is this a user specific, or computer specific question?

    If you want to block certain users from using IMAP/POP3, you can set up a class of server for them in the admin UI and block IMAP/POP3 access.

    john

  5. #5
    Join Date
    Feb 2007
    Posts
    5
    Rep Power
    8

    Default

    It's a computer specific question unfortunately and it doesn't seem simple.

    We want to prohibit any of our mails being downloaded on specific locations. They can be read though (webmail). The users themselves should all be able to pop or imap in from home.

    I think the short term solution is to disable the pop and imap access completely for now and only allow webaccess.

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    I'm afraid I don't know much about linux firewalls but an outbound rule to stop traffic on those port from specific IP addresses would do what you want - is that not possible with your current set-up?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    Join Date
    Feb 2007
    Posts
    5
    Rep Power
    8

    Default

    You would think it was, but to be honest I don't know that much about firewalls either. I was hoping to get an answer here so that I didn't have to go into learning iptables... Guess I don't have much of a choice if I actually want the specific functionality.

  8. #8
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    I'm sure there are others on the forums that will be able to help with the firewall config. I'll see what I can dig up, do you have a link to the firewall rules you mentioned earlier?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    Join Date
    Feb 2007
    Posts
    5
    Rep Power
    8

    Default

    Well it's MonMontha's Firewall script and up till last week you could find it here:
    http://monmotha.mplug.org/firewall/

    Seems the site is gone now and can't find another download location for it right away, sorry...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •