≡ Menu

iptables pop3

The Post Office Protocol version 3 (POP3) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.

POP3 works over a TCP/IP connection using TCP on network port 110. E-mail clients can encrypt POP3 traffic using TLS or SSL. A TLS or SSL connection is negotiated using the STLS command.

Open Port 110 using Iptables

POP3 allows to retrieve mail. It uses the TCP port 110. Following two iptable rules allows incoming POP3 request on port 110 for server IP address 202.54.1.20 (open port 110):

You need to add following rules to your iptables shell script:

iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 110 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

In order to block incoming port 110 simply use target REJECT instead of ACCEPT:

iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 110 -j REJECT

To block outgoing port 110, add following to your script:

iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 110 -d 0/0 --dport 1024:65535 -j REJECT