Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Deny all access to SMTP/POP3 and enable only for specific IP

Discussion in 'E-mail Discussion' started by Jangan, Jul 15, 2018.

  1. Jangan

    Jangan Registered

    Joined:
    Jun 24, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    Hello everyone,

    I want to Deny all access to SMTP/POP3 and enable only for specific IP address.

    so everyone will not be able to connect

    MYSERVERIP@ port 25 or 465 or 110 or 993

    but i will enable 1 IP to connect to them

    so allow ip EXTERNALIP to connect to MYSERVERIP
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    You can use iptables but to make it easier to manage, install CSF:

    https://configserver.com/cp/csf.html

    Once installed, change the line in /etc/csf/csf.conf

    Code:
    TCP_IN
    remove all the ports you referenced from that line

    restart csf

    Code:
    # csf -ra
    and then whitelist the IP you want access

    Code:
    # csf -a IP
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    sparek-3 likes this.
  3. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,037
    Likes Received:
    47
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I've tried this., and I'm pretty sure that you can't block port 25. By doing so you'll also block other email servers from connecting, resulting in you receiveing no emails at all.
    Unfortunately, anyone can still then connect to smtp using port 25.




    For starters, I would suggest to toy with HostAccessControl.

    In HAC, add

    POP3 .................... Your IP .......................... Allow
    IMAP ..................... Your IP .......................... Allow

    then

    POP3 .................... All .......................... Deny
    IMAP ..................... All .......................... Deny

    Could you use the same rule for SMTP or would this cause problems with other email servers ???
     
    #4 keat63, Jul 17, 2018
    Last edited: Jul 17, 2018
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice