LinuxQuestions.org
Old 05-31-2006, 07:55 PM   #1
devan1p
LQ Newbie
 
Registered: May 2006
Posts: 12

Rep: Reputation: 0
blocking pop3 account


How can I block a user from accessing his pop3 account? Is it through iptables or is there some other way?
 
Old 05-31-2006, 10:17 PM   #2
joseph
Member
 
Registered: Jun 2003
Location: Batam
Distribution: Ubuntu 10 And Linux Mint
Posts: 414

Rep: Reputation: 30
You can try to use iptables with a line something like this

iptables -A INPUT -p tcp -i eth0 -s 192.168.0.xxx/32 --dport 110 -j DROP

where eth0 is your ethernet which serves the connection from your user and 192.168.0.xxx is the IP address of your user

Hope this helps you

Thanks
 
Old 05-31-2006, 11:03 PM   #3
withjigs
LQ Newbie
 
Registered: Mar 2005
Location: india
Distribution: fc1/fc3
Posts: 6

Rep: Reputation: 0
But that would drop all incoming POP3 requests... and not a particular user... I guess one can disable the user's Linux account... but I am not sure
 
Old 05-31-2006, 11:14 PM   #4
joseph
Member
 
Registered: Jun 2003
Location: Batam
Distribution: Ubuntu 10 And Linux Mint
Posts: 414

Rep: Reputation: 30
Quote:
Originally Posted by withjigs
But that would drop all incoming POP3 requests... and not a particular user... I guess one can disable the user's Linux account... but I am not sure
Nope, that will only drop a connection from a specified IP.
That means only the user who has IP address 192.168.0.xxx will be rejected by the mail server.

Note:
Change xxx into your user's IP.
 
Old 05-31-2006, 11:15 PM   #5
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 70
Quote:
Originally Posted by withjigs
But that would drop all incoming POP3 requests... and not a particular user...
Correct, he should have used the output chain... and that's why the nice people at netfilter created the owner matching module:

Code:
iptables -A OUTPUT -p tcp --dport 110 -m owner --uid-owner 500 -j LOG --log-prefix 'Joe unable to get mail. '
iptables -A OUTPUT -p tcp --dport 110 -m owner --uid-owner 500 -j DROP
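
A way to confirm that the two per-user rules above are loaded, and in the order that lets the LOG rule fire before the DROP, by reading `iptables -S OUTPUT` style text on standard input. This is an added example, not part of the original post; the function name, the verdict words and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: check a listed OUTPUT chain for the per-UID POP3 block.
# usage: iptables -S OUTPUT | check_pop3_owner_block UID
check_pop3_owner_block() {
    awk -v uid="$1" '
        # Only rules for TCP port 110 that carry the owner match for this UID.
        /^-A OUTPUT / && / --dport 110 / && index($0 " ", " --uid-owner " uid " ") {
            if (/ -j LOG( |$)/  && !drop) log_first = 1   # LOG seen before DROP
            if (/ -j LOG( |$)/  &&  drop) log_late = 1    # LOG placed after DROP
            if (/ -j DROP( |$)/ && !drop) drop = NR
        }
        END {
            if (!drop)          print "not-blocked"
            else if (log_first) print "log-then-drop"
            else if (log_late)  print "log-after-drop"    # DROP ends traversal first
            else                print "drop-only"
        }'
}

# Constructed sample in the format iptables -S prints; UID 500 as in the post.
sample_rules='-P OUTPUT ACCEPT
-A OUTPUT -p tcp -m tcp --dport 110 -m owner --uid-owner 500 -j LOG --log-prefix "Joe unable to get mail. "
-A OUTPUT -p tcp -m tcp --dport 110 -m owner --uid-owner 500 -j DROP'

printf '%s\n' "$sample_rules" | check_pop3_owner_block 500
printf '%s\n' "$sample_rules" | check_pop3_owner_block 501
```

The owner match only sees packets generated on the local machine, so this check belongs on the multi-user host itself, not on a gateway.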
 
Old 05-31-2006, 11:20 PM   #6
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 70
Quote:
Originally Posted by joseph
Nope, that will only drop a connection from a specified IP.
That means only the user who has IP address 192.168.0.xxx will be rejected by the mail server.

Note:
Change xxx into your user's IP.
I see. I think there is a fundamental difference in how we are interpreting the OP's question. If you have a POP server (from which you want to deny traffic to someone), we would use your method. The thing is, if you are running a POP server, it would be much easier to disable that user's account from the server.

The other situation is a machine with many users, one of whom needs denial to port 110. In that case my way works.
 
Old 05-31-2006, 11:22 PM   #7
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 70
Oh now I see what joseph means. He is putting the filter on a firewall/gateway of an internal LAN to block access from a specific LAN member. Sorry about that. I think the OP should have been more specific.
 
Old 05-31-2006, 11:26 PM   #8
paul_mat
Member
 
Registered: Nov 2004
Location: Townsville, Australia
Distribution: Fedora Core 5, CentOS 4, RHEL 4
Posts: 855

Rep: Reputation: 30
The other option, of course, and something I would consider easier: edit the PAM module to disallow all users in a text file.

Here is mine; it's not right, but it'll give you an idea

auth sufficient pam_pwdb.so
account sufficient pam_pwdb.so
account required pam_listfile.so onerr=fail file=/etc/postfix/usernames item=user sense=allow
account required pam_winbind.so
auth required pam_winbind.so

That is my /etc/pam.d/dovecot file that says

do you have a local account? if yes you're in
do you have a winbind account? if yes you go to next
are you in the text file? if yes you're in

you'd just want to change it to

are you in the text file? if yes you're out

I think this would do it

auth required pam_listfile.so item=user sense=deny file=/etc/bad.pop3 onerr=succeed
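
Because the line above uses `onerr=succeed`, a deny list that cannot be opened blocks nobody, and pam_listfile also expects a plain file that is not world-writable with one name per line. The following audit of such a file is an added example, not part of the original post; the function name and verdict words are this example's own, and whole-line matching of names is assumed.

```shell
#!/bin/sh
# Added example: audit a pam_listfile deny list before relying on it.
# usage: audit_denylist FILE USER   (prints one verdict word)
audit_denylist() {
    file=$1; user=$2
    # File cannot be found: pam_listfile cannot open it, and onerr=succeed
    # turns that error into success, so the deny line blocks nobody.
    if [ ! -e "$file" ] && [ ! -L "$file" ]; then echo "missing-fail-open"; return 0; fi
    # The module wants a plain file (checked here without following symlinks)...
    if [ -L "$file" ] || [ ! -f "$file" ]; then echo "not-plain-file"; return 0; fi
    # ...that is not world-writable, or any local user could edit the list.
    if [ -n "$(find "$file" -prune -perm -0002)" ]; then echo "world-writable"; return 0; fi
    # Assumption: one user name per line, compared as a whole line.
    if grep -Fxq -- "$user" "$file"; then echo "denied"; return 0; fi
    # Same name with stray blanks or a DOS line ending: looks listed, will not match.
    if awk -v u="$user" '{ t = $0; gsub(/^[ \t\r]+|[ \t\r]+$/, "", t)
                           if (t == u) found = 1 } END { exit !found }' "$file"
    then echo "malformed-entry"; return 0; fi
    echo "not-listed"
}

# Constructed sample list: "alice " carries a trailing space on purpose.
demo_dir=$(mktemp -d)
printf 'bob\nalice \n' > "$demo_dir/bad.pop3"
chmod 644 "$demo_dir/bad.pop3"
for u in bob alice carol; do
    printf '%s: %s\n' "$u" "$(audit_denylist "$demo_dir/bad.pop3" "$u")"
done
printf 'no file: %s\n' "$(audit_denylist "$demo_dir/absent" bob)"
rm -rf "$demo_dir"
```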
 
  


All times are GMT -5.
