Sent from my iPhone
> On Jul 14, 2016, at 3:56 PM, Michael Fox <[email protected]> wrote: > > On my POP3 server, I need to be able to control the use of STARTTLS by > client IP address. Specifically: > > * Clients on certain internal subnets (e.g., 192.168.1.0/24) must not have > the option to use TLS. If the client tries to use STARTTLS, the option > should be rejected. This is to satisfy US FCC rules regarding the use of > encryption over certain radio frequencies. > * All other internal clients (e.g., 192.168.0.0/16, but not 192.168.1.0/24) > should be able to use STARTTLS if they choose to. > * All external clients (0.0.0.0/0) will be required to use TLS. > > Is there a way to control which clients are allowed to use STARTTLS > according to the client's IP address? > > Thanks, > Michael > > > Seems like your firewall could redirect to a different port that doesn't offer starttls. >
