Differences

This shows you the differences between two versions of the page.

--- howtos:network_services:postfix_dovecot_mysql:email_firewall [2015/03/08 09:30 (UTC)]
astrogeek Errata, updates
+++ howtos:network_services:postfix_dovecot_mysql:email_firewall [2018/02/06 00:58 (UTC)]
astrogeek Removed UFW syntax added by others - added policy lines
@@ Line 9: / Line 9: @@
 <note important>Loading //only// the rules below as your firewall will close other access that may be important to you such as http and ssh!
 You should first use iptables -L to check for pre-existing rules and merge those below into your existing firewall.
-If you have no existing firewall and need to allow http and ssh, uncomment the liines for those also included here.</note>
+If you have no existing firewall and need to allow http and ssh, uncomment the lines for those also included here.</note>
 Following is a minimal set of iptables rules to provide a firewall for your email server.
 <code>
+--policy INPUT DROP
+--policy FORWARD DROP
+--policy OUTPUT DROP
 -A INPUT -m state --state INVALID -j DROP
 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
@@ Line 54: / Line 58: @@
 Ports 993 and 995 provide secure Imap and Pop3, respectively. These must be open in order for your virtual users to be able to send and receive email.
-To install these rules as your firewall save them to a text file then load that file using iptables-restore. This will replace any currently existing iptables rules with those in the file.
+To install these rules as your firewall save them to a text file using <code>iptables-save >/etc/firewall.rules</code> then load that file using iptables-restore as shown below. This will replace any currently existing iptables rules with those in the file.
 There are many preferences for saving and loading firewall scripts. I generally use /etc/firewall.rules for my own systems and will use that for this example.

Differences

Navigation

Search

Toolbox

In Other Languages

SlackDocs

Slackware Links

QR Code