Zimbra

Blizz · #1 (**permalink**) 02-10-2007, 10:46 AM

Is there any way to prevent a number IP addresses from checking their mail via POP3s/IMAPs ? I want to avoid people downloading their emails from a number of specific locations for security reason i will not go into.

Love to hear suggestions on how to do it, thanks.

phoenix · #2 (**permalink**) 02-10-2007, 02:00 PM

Block them at your firewall.

Blizz · #3 (**permalink**) 02-10-2007, 02:44 PM

Yes, that would seem the most logical and was my initial idea as well. There is one problem however that makes it more difficult (and that I forgot to mention in the initial post).

The IP's in question should only be disallowed to "download" mail, not read it via the webinterface and/or visit the hosted sites on the server. ie, it's ports 110, 143, 993 and 995 that need to be blocked.
I don't know if it is possible to use iptables to only block specific ports for a certain IP.

FYI: i'm using MonMotha's Firewall script

jholder · #4 (**permalink**) 02-11-2007, 08:50 PM

Is this a user specific, or computer specific question?

If you want to block certain users from using IMAP/POP3, you can set up a class of server for them in the admin UI and block IMAP/POP3 access.

john

Blizz · #5 (**permalink**) 02-12-2007, 02:40 AM

It's a computer specific question unfortunately and it doesn't seem simple.

We want to prohibit any of our mails being downloaded on specific locations. They can be read though (webmail). The users themselves should all be able to pop or imap in from home.

I think the short term solution is to disable the pop and imap access completely for now and only allow webaccess.

phoenix · #6 (**permalink**) 02-12-2007, 02:52 AM

I'm afraid I don't know much about linux firewalls but an outbound rule to stop traffic on those port from specific IP addresses would do what you want - is that not possible with your current set-up?

Blizz · #7 (**permalink**) 02-12-2007, 03:18 AM

You would think it was, but to be honest I don't know that much about firewalls either. I was hoping to get an answer here so that I didn't have to go into learning iptables... Guess I don't have much of a choice if I actually want the specific functionality.

phoenix · #8 (**permalink**) 02-12-2007, 05:07 AM

I'm sure there are others on the forums that will be able to help with the firewall config. I'll see what I can dig up, do you have a link to the firewall rules you mentioned earlier?

Blizz · #9 (**permalink**) 02-12-2007, 05:23 AM

Well it's MonMontha's Firewall script and up till last week you could find it here:
http://monmotha.mplug.org/firewall/

Seems the site is gone now and can't find another download location for it right away, sorry...

Zimbra

Downloads

Product Information

Toolbox

Why Join?