Block outgoing SMTP except for root, qmail/postfix and mailman.
juggernaut --task=firewall:smtpOption |
Value | Default | Description |
|---|---|---|---|
--SMTP_BLOCK |
<1|0> | 0 | Block outgoing SMTP except for root, qmail/postfix and mailman. This forces scripts/users to use the qmail/postfix binary instead of sockets access. This option requires the iptables ipt_owner/xt_owner module to be loaded. |
--SMTP_ALLOWLOCAL |
<1|0> | 1 | Allow outgoing SMTP connections to the loopback device on port 25 (If SMTP_BLOCK is enabled). |
--SMTP_REDIRECT |
<1|0> | 0 | Redirect outgoing SMTP connections destined for remote servers for non-bypass users to the local SMTP server to force local relaying of email. Such email may require authentication (SMTP AUTH). |
--SMTP_PORTS |
<string1,string2> | 25,465,587 | SMTP ports to block. You should list all ports that qmail/postfix is configured to listen on. |
--SMTP_PORTS_add |
<string> | Add a single entry to SMTP_PORTS. | |
--SMTP_PORTS_del |
<string> | Remove a single entry from SMTP_PORTS. | |
--SMTP_ALLOWUSER |
<string1,string2> | postfix,qmaild,qmaill,qmailp,qmailq,qmailr,qmails | Allow the following comma separated users to bypass SMTP_BLOCK. Note: root user is always allowed. |
--SMTP_ALLOWUSER_add |
<string> | Add a single entry to SMTP_ALLOWUSER. | |
--SMTP_ALLOWUSER_del |
<string> | Remove a single entry from SMTP_ALLOWUSER. | |
--SMTP_ALLOWGROUP |
<string1,string2> | mail,mailman,nofiles,postdrop,postfix,qmail | Allow the following comma separated groups to bypass SMTP_BLOCK. Note: root group is always allowed. |
--SMTP_ALLOWGROUP_add |
<string> | Add a single entry to SMTP_ALLOWGROUP. | |
--SMTP_ALLOWGROUP_del |
<string> | Remove a single entry from SMTP_ALLOWGROUP. | |
--default |
<yes> | Reset all settings to their default values. | |
--default_option |
<option> | Reset a specific setting to its default value. | |
--restart |
<yes> | Restart the service after saving settings. |
// enable SMTP_BLOCK
juggernaut --task=firewall:smtp --SMTP_BLOCK=1 --restart=yes
// reset SMTP_BLOCK back to default
juggernaut --task=firewall:smtp ---default_option=SMTP_BLOCK --restart=yes
// reset all settings back to default
juggernaut --task=firewall:smtp ---default=yes --restart=yes