Block All Outgoing IP addresses

newlord · Dec 10, 2021

Hello All!

I want to block all connections for outgoing mail except IP in whitelist. I have created whitelist, but I can't understand how is block all another IP.
Proxmox doesn't allow set mask to IP in the blacklist rule.

Or maybe I will be able disable local network for access by default?

Stoiko Ivanov · Dec 10, 2021

On mail proxy(postfix) level the local network of PMG is included in the trusted IPs (if you want to override that you need to adapt the postfix config templates) - check the reference documentation:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine

but you can create 2 rules in the rule-system:
* one with a who-object containing your trusted IPs (add this as from) - and action ACCEPT
* one with a lower priority with action BLOCK

I hope this helps!

newlord · Dec 10, 2021

Stoiko Ivanov Tnx for answer.

If I understand correctly, the rule BLOCK without "who-object" applied for all messages? Then this is my solution.

Stoiko Ivanov · Dec 10, 2021

newlord said:
If I understand correctly, the rule BLOCK without "who-object" applied for all messages? Then this is my solution.

Yes that how it should work - but as always - configure it and keep an eye on your logs - to verify for yourself

Search

Search

Block All Outgoing IP addresses

newlord

New Member

Stoiko Ivanov

Proxmox Staff Member

newlord

New Member

Stoiko Ivanov

Proxmox Staff Member