blocking pop3 account
How can I block a user from accessing his pop3 account? Is it through iptables or is there some other way?
|
you can try to use iptables with the line somthing like this
iptables -A INPUT -p tcp -i eth0 -s 192.168.0.xxx/32 --dport 110 -j DROP where eth0 is ur ethernet which serve the connection from your user and 192.168.0.xxx is the ip address of your user Hope this helps you Thanks |
But that would drop all incoming POP3 requests... and not a particular user... i guess one can disable the user's linux account...but i am not sure
|
Quote:
thats mean only user who has ip address 192.168.0.xxx will be rejected by mail server. Note : Change xxx into your user ip. |
Quote:
Code:
iptables -A OUTPUT -p tcp --dport 110 -m owner --uid-owner 500 -j LOG --log-prefix 'Joe unable to get mail. ' |
Quote:
The other situation is a machine with many users, one of whom needs denial to port 110. In that case my way works. |
Oh now I see what joseph means. He is putting the filter on a firewall/gateway of an internal LAN to block access from a specific LAN member. Sorry about that. I think the OP should have been more specific.
|
the other option of course, and something I would consider easier, edit the pam module to disallow all users in a text file
here is mine, it's not right, but it'll give you an idea auth sufficient pam_pwdb.so account sufficient pam_pwdb.so account required pam_listfile.so onerr=fail file=/etc/postfix/usernames item=user sense=allow account required pam_winbind.so auth required pam_winbind.so That is my /etc/pam.d/dovecot file that says do you have a local account? if yes your in do you have a winbind account? if yes your go to next are you in the text file? if yes your in you'd just want to change it to are you in the text file? if yes your out I think this would do it auth required pam_listfile.so item=user sense=deny file=/etc/bad.pop3 onerr=succeed |
All times are GMT -5. The time now is 06:47 AM. |