# from localhost, portmap and imap etc are ok iptables -A INPUT -s 127.0.0.1 -j ACCEPT # this is where the Disc Daemon listens iptables -A INPUT -p tcp --dport 55 -j REJECT # no pop3 without ssl iptables -A INPUT -p tcp --dport 110 -j REJECT # no portmap from outside iptables -A INPUT -p tcp --dport 111 -j REJECT iptables -A INPUT -p udp --dport 111 -j REJECT # no imap without ssl iptables -A INPUT -p tcp --dport 143 -j REJECT # do not allow external ldap connections iptables -A INPUT -p tcp --dport 389 -j REJECT |