1 (edited by tiidub 2016-07-28 13:32:32)

Topic: How to allow certain IPs to connect to server?

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu 16.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

I'm relaying incoming messages from another server to this server, and I created a new port 5011 for it while closing port 25, since I won't be receiving mail from another server.

So in /etc/default/iptables I did:
-A INPUT -p tcp --dport 25 -j DROP
-A INPUT -p tcp --dport 5011 -j ACCEPT

How do I make it so that I can restrict port 5011 to only ACCEPT from certain IPs?


2

Re: How to allow certain IPs to connect to server?

Try '-s' (source IP):

-A INPUT -p tcp -s 192.168.1.1 --dport 5011 -j ACCEPT
-A INPUT -p tcp --dport 5011 -j DROP

Port 25 is used to communicate between servers; this is required if you want to receive email from other mail servers.

3 (edited by tiidub 2016-07-28 14:21:10)

Re: How to allow certain IPs to connect to server?

Yes, I'm fully aware closing port 25 will close it off from all other mail servers, since it's the standard used.
My intention is to just allow my own servers to send to this server.

OK, so if I want to add more of my own IPs, do this?

-A INPUT -p tcp -s <ip1> <ip2> <ip3> --dport 5011 -j ACCEPT
-A INPUT -p tcp -s 192.168.1.1 --dport 5011 -j ACCEPT

or this:
-A INPUT -p tcp -s <ip1>  --dport 5011 -j ACCEPT
-A INPUT -p tcp -s <ip2>  --dport 5011 -j ACCEPT
-A INPUT -p tcp -s <ip3> --dport 5011 -j ACCEPT
-A INPUT -p tcp --dport 5011 -j DROP
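
An added example, not part of the original thread: a shell sketch that generates the one-rule-per-source form with the closing DROP, in the same rule-file format as the lines posted above. The function names and the sample addresses (documentation ranges) are made up for illustration.

```shell
#!/bin/sh
# Build an allow-list for one TCP port. The ACCEPT lines must come before the
# final DROP: the first matching ACCEPT or DROP rule decides the packet.

# valid_ipv4_cidr ADDR -> 0 if ADDR is a dotted-quad IPv4 with optional /0-32
valid_ipv4_cidr() {
    addr=${1%/*}
    case $1 in */*) mask=${1#*/} ;; *) mask=32 ;; esac
    case $mask in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$mask" -le 32 ] || return 1
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr    # split into octets; only digits and dots remain here
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# emit_rules PORT ADDR... -> print the rules, or print nothing and fail if any
# input is bad, so a typo can never produce a partial rule set.
emit_rules() {
    port=$1; shift
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ $# -gt 0 ] || { echo "no source addresses given" >&2; return 1; }
    for src in "$@"; do
        valid_ipv4_cidr "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    for src in "$@"; do
        printf '%s\n' "-A INPUT -p tcp -s $src --dport $port -j ACCEPT"
    done
    printf '%s\n' "-A INPUT -p tcp --dport $port -j DROP"
}

# Constructed sample input: one host and one /24 network.
emit_rules 5011 192.0.2.10 198.51.100.0/24
```

Each source address gets its own ACCEPT line; a value containing a space, such as two addresses passed as one argument, is rejected rather than written into a rule.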