> We have enabled POP so that certain people can pop their mail from us, and use > gmail as their mail client. > > However, we have no other POP users ... and I don't want POP open to the whole > world ... > > BUT, I suspect there are a LOT of possible IPs that google will use to pop mail > from us ... While not a "strong" solution, out-of-the box, I'd suggest in /etc/hosts.allow (probably after the "paranoid" line to make inetd check fwd/reverse match) ALL : PARANOID : RFC931 20 : deny assuming you use qpopper (change as required) qpopper : .google.com : allow qpopper : x.x.x.0/255.255.255.0 : allow (your directly-connected users) qpopper : all : deny RossW _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"