[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
howtos:network_services:postfix_dovecot_mysql:email_firewall [2018/02/06 00:58 (UTC)] – Removed UFW syntax added by others - added policy lines astrogeek | howtos:network_services:postfix_dovecot_mysql:email_firewall [2018/02/06 01:17 (UTC)] (current) – [Firewall Rules For Virtual Mail Server] astrogeek | ||
---|---|---|---|
Line 8: | Line 8: | ||
<note important> | <note important> | ||
- | You should first use iptables -L to check for pre-existing rules and merge those below into your existing | + | You should first use iptables -L to check for pre-existing rules and __merge |
- | If you have no existing firewall and need to allow http and ssh, uncomment the lines for those also included here.</ | + | If you have no existing firewall and/or need to allow http and ssh, uncomment the --policy |
- | Following is a minimal set of iptables rules to provide a firewall for your email server. | + | Following is a **minimal** set of iptables rules to provide a firewall for your email server. |
< | < | ||
- | --policy INPUT DROP | + | #--policy INPUT DROP |
- | --policy FORWARD DROP | + | #--policy FORWARD DROP |
- | --policy OUTPUT | + | #--policy OUTPUT |
-A INPUT -m state --state INVALID -j DROP | -A INPUT -m state --state INVALID -j DROP |