1 Topic by ms2504

  • ms2504
  • Member
  • Offline
  • Registered: 2019-06-15
  • Posts: 70

Topic: nftables configuration.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.2
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: Ubuntu 20.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro?  NO
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I followed this document to whitelist a host unable to authenticate: https://docs.iredmail.org/additional.smtp.port.html

For Ubuntu 20.04, which uses nftables and has a default config from a clean/fresh iRedMail install, how can I whitelist a single static ip  to access port 2525?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ms2504

  • ms2504
  • Member
  • Offline
  • Registered: 2019-06-15
  • Posts: 70

Re: nftables configuration.

Hi, I found how to do it. Reporting here, just in case someone may need it.

Ubuntu 20 uses nftables as a firewall, so you have to edit file /etc/nftables.conf adding

tcp dport 2525 ip saddr 192.168.X.X accept 

to whitelist *insecure* port 2525 only for the device that can't authenticate before sending.