Date: Mon, 2 May 2011 17:23:07 +1000 (EST) From: freebsd-lists@albury.net.au To: George Sanders <gosand1982@yahoo.com> Cc: freebsd-security@freebsd.org Subject: Re: limiting pop access to gmail servers ? Message-ID: <20110502171811.Y39066@ali-syd-1.albury.net.au> In-Reply-To: <349555.87646.qm@web120019.mail.ne1.yahoo.com> References: <349555.87646.qm@web120019.mail.ne1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> We have enabled POP so that certain people can pop their mail from us, and use > gmail as their mail client. > > However, we have no other POP users ... and I don't want POP open to the whole > world ... > > BUT, I suspect there are a LOT of possible IPs that google will use to pop mail > from us ... While not a "strong" solution, out-of-the box, I'd suggest in /etc/hosts.allow (probably after the "paranoid" line to make inetd check fwd/reverse match) ALL : PARANOID : RFC931 20 : deny assuming you use qpopper (change as required) qpopper : .google.com : allow qpopper : x.x.x.0/255.255.255.0 : allow (your directly-connected users) qpopper : all : deny RossW
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110502171811.Y39066>