forksand-it-manual/source/resources/apps/oca/README.md

Dev servers:
ocadev2 ocadev3 ocadev4

AO Dev servers:
once-dev1


# On development servers, add this to firewall rules to block
# sending/receiving of mails.
# Block outgoing traffic to email ports...
# SMTP, POP, IMAP, plus encrypted ports
# Be sure to put *before* this line in the firewall rules:
# -A OUTPUT -j ACCEPT
#
# Allow only communications to localhost on port 25 ( -s IP )
-A OUTPUT -p tcp --dport 25 -o lo -d 127.0.0.1 -j ACCEPT
# Allow only communications to localhost on IMAP port 993 ( -s IP )
-A OUTPUT -p tcp --dport 993 -o lo -d 127.0.0.1 -j ACCEPT
# Block SMTP
-A OUTPUT -p tcp --dport  25 -j REJECT
-A INPUT  -p tcp --dport  25 -j REJECT
# Block POP
-A OUTPUT -p tcp --dport 110 -j REJECT
-A INPUT  -p tcp --dport 110 -j REJECT
# Block IMAP
-A OUTPUT -p tcp --dport 143 -j REJECT
-A INPUT  -p tcp --dport 143 -j REJECT
# Block Email Submission
-A OUTPUT -p tcp --dport 587 -j REJECT
-A INPUT  -p tcp --dport 587 -j REJECT
# Block encrypted IMAPS
-A OUTPUT -p tcp --dport 993 -j REJECT
-A INPUT  -p tcp --dport 993 -j REJECT
# Block encrypted POP
-A OUTPUT -p tcp --dport 995 -j REJECT
-A INPUT  -p tcp --dport 995 -j REJECT
OCA, postgres notes for AO setup 7 years ago			`Dev servers:`
			`ocadev2 ocadev3 ocadev4`

			`AO Dev servers:`
			`once-dev1`


			`# On development servers, add this to firewall rules to block`
			`# sending/receiving of mails.`
			`# Block outgoing traffic to email ports...`
			`# SMTP, POP, IMAP, plus encrypted ports`
			`# Be sure to put before this line in the firewall rules:`
			`# -A OUTPUT -j ACCEPT`
			`#`
			`# Allow only communications to localhost on port 25 ( -s IP )`
			`-A OUTPUT -p tcp --dport 25 -o lo -d 127.0.0.1 -j ACCEPT`
			`# Allow only communications to localhost on IMAP port 993 ( -s IP )`
			`-A OUTPUT -p tcp --dport 993 -o lo -d 127.0.0.1 -j ACCEPT`
			`# Block SMTP`
			`-A OUTPUT -p tcp --dport 25 -j REJECT`
			`-A INPUT -p tcp --dport 25 -j REJECT`
			`# Block POP`
			`-A OUTPUT -p tcp --dport 110 -j REJECT`
			`-A INPUT -p tcp --dport 110 -j REJECT`
			`# Block IMAP`
			`-A OUTPUT -p tcp --dport 143 -j REJECT`
			`-A INPUT -p tcp --dport 143 -j REJECT`
			`# Block Email Submission`
			`-A OUTPUT -p tcp --dport 587 -j REJECT`
			`-A INPUT -p tcp --dport 587 -j REJECT`
			`# Block encrypted IMAPS`
			`-A OUTPUT -p tcp --dport 993 -j REJECT`
			`-A INPUT -p tcp --dport 993 -j REJECT`
			`# Block encrypted POP`
			`-A OUTPUT -p tcp --dport 995 -j REJECT`
			`-A INPUT -p tcp --dport 995 -j REJECT`