ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

Global_Deny can be overridden -- Easy Question?

https://mail.forum.configserver.com/viewtopic.php?t=8646

Page 1 of 1

Global_Deny can be overridden -- Easy Question?

Posted: 30 Apr 2015, 19:19
by jumpclan
We are using a CSF Global_Deny list with IPs that are blocked. This works great at filtering BOTs and other HTTP pests.

However the Global_Deny list appears to be blocking incoming SMTP traffic as well. :(

Is it possible to override the Global_Deny setting on a per user basis and/or for SMTP traffic?

Thanks in advance...

Re: Global_Deny can be overridden -- Easy Question?

Posted: 01 May 2015, 09:32
by ForumAdmin
No, you cannot whitelist incoming connections in iptables based on a local user account. You can whitelist based on incoming IP address and to a specific port using the advanced port filtering (see readme.txt).

Re: Global_Deny can be overridden -- Easy Question?

Posted: 01 May 2015, 18:34
by jumpclan
Thank you for the confirmation.
Very helpful and much appreciated.
I guess that our only alternative is to the move our SMTP mail to another server.
Anybody else have a separate SMTP server for incoming mail (because of strict IP filtering needed for HTTP traffic)?
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited