A how-to question -- writing a firewall rule to block port(993)

Asked by Mike Andrews on 2016-02-13

For many years using Mac and Windows it has been my policy to avoid INBOUND email because email is the most common vector for attacks. I know this because I've gotten my ears 'pinned back' too many times to think otherwise.
The LAN is much better off, in the absence of high-priced filtering hardware and the costly firmware that comes with it, directing all inbound mail to a remote, web-based drop box, available from such entities as yahoo or Gmail, etc., where it must be accessed via browser.
Using Ubuntu I now find that my knowledge of ipfw rules is somewhat lacking, as B4 now there has always been a simple, gui-based front-face to serve my needs.
GUFW offers no such advantage to the code-challenged.
Please offer me an example of the correct input that will enable GUFW to permanently block IMAPI Port 993 so I can SEND outbound mail over SMTP port (465) but never worry about receiving INBOUND email via P993.
If GUFW offers a list of commands that will work in GUFW I haven't come across it.
I did look for an answer to my question in the forums but despite the plethora of posts dealing with the general topic, I was unable to locate a specific answer.
So, how do 'ya do it?
I'm a big dummy. Help!
---------------------------------
To Costales: Thanks for the info but I haven't quite been able to figure out what it is you refer to when you say "search IMAP to determine what I want to do with that port."
I k-n-o-w what I wanna do with it. . . I wanna KILL it! Brutally!
Trouble is, the only IMAP device listed for my machine is a software called "Amanda," which is evidently an IM client that uses Port 143 (I think). After succeeding in actually entering a rule (-ha!) in GUFW to block Yahoo Mail on IMAP 993, despite my efforts to the contrary it listed Amanda as the software of note and the port as 143. Palm-forehead-slap. Repeat.
Nothing has worked in trying to FORCE GUFW to list Port 993; it simply refuses to do it. If it weren't for that pretty blue & white shield I'd probably uninstall GUFW and try a different firewall front-end.
So things are back to square A again and I'm just glad to still have a firewall.
I hope it isn't mad at me after all that colorful language.
. . . Even my own ears are still burning. My dog went outside and abandoned me despite frigid weather conditions, and now doesn't want to come back in.
Anyhow, in Macintosh systems the ipfw is fully writable, offering the user full-spectrum ability to do whatever he wants.
Guess I'm spoiled; but I'm not forgetting Ubuntu's security track record, which IMO outshines anything Apple's produced in the past 7 years, given the new "consensus of reason" ($uure) leaching out of the woodwork at Apple. I hope Tim Cook and his mafiosi take a trip on the WAYBACK MACHINE and restore things as they were when the entire world raved of the efficacies of OS X.
One stellar example of Apple's chicanery over the years is visible in the way its software engineers have all but remove Network Utility. It's become much more basic in its functions than it was in the original version.
Now, in re Apple it's like the great Kippling wrote in Road to Mandalay, "That's all shove behind me, long ago and fer away; and there ain't no buses running from the benk to Mandalay." It's mostly just a memory.
Tim Cook and his colleagues in the global intelligentsia have. . . formed an agreement. Yes.
So have I.
It's sandwich time.
Thanks again to Costales for trying to help a dummy.
May the rain fall sparsely on your plain.

Question information

Language:
English Edit question
Status:
Answered
For:
Gufw Edit question
Assignee:
No assignee Edit question
Last query:
2016-02-13
Last reply:
2016-02-14
costales (costales) said : #1

Hi Mike,
You could Add rule > Preconfigured > Search SMTP or IMAP and choose what
you want to do with that port ;)
A hug!
--
Sent using Dekko from my Ubuntu device

costales (costales) said : #2
Mike Andrews (mikeandrews144) said : #3

Hi, Costales; after trying your so kindly offered setup, replete with screenshot, I came away with somewhat of a mixed bag. Which is to say that, although the model you presented did put the quietas on IMAPS P993, it initially blocked P143. I was able to change it to P993, however by clicking the middle tab and then entering 'IMAPS/993' in substitution.
. . . At first it looked like everything was good, but soon my hopes were dashed again when Thunderbird popped up errors advising that it was unable to write to the Sent Messages folder (ergo, was unable to send mail and all my messages were floating around in a cyber-nexux somewhere.).
In the end and after much ado I wound up deleting ALL RULES and going back to the bare-bones TCP/UDP setup, 'deny all in; allow all out. At least now the system works.
After initially creating 8 rule-sets under the original instruction, since duplicate rules are automatically created for ipv6 as well as ipv4 -- and then discovering that all of the latter applied to Port 143. . . then under the 2nd tab commenting out P 143 and substituting P 993, there were, I think, 16 lines of rule-sets and that was just about the time Thunderchicken came back on me with a vengeance, displaying error popups about a problem registering mail to the Sent folder.
Palm-to-forehead. Repeat. Loud English invective. Repeat. Dog runs away and acts scared of me.
I'm crushed.
So. . . it looks as though Yahoo will not be humiliated by any feeble attempt on my part to resist the many terrors of INBOUND mail.
I'm also struggling with an Ubuntu v12.04 LTS install on a 2006 Mac G5 PowerPC, 1.6gHZ SIngle Core Processor, fairly bursting at the seams with 4 GB RAM! The version of GUFW in 12.04 is not the same as the one in Ubuntu 14.04 and I was unable to make heads or tails of its GUI.
As well, the firewall is always OFF when I click the button; it only comes back to life AFTER entering an admin password.
Is that a problem, do you think or is the firewall actually on all the time. . . just not indicating its status to the likes of me? (It is rude of this firewall to treat me like a Linux NUBY.)
Ahem.
At any rate, I will continue boning up on my IT skills in hopes that one day, when I grow, up it will have become possible to tighten down a recalcitrant firewall without making reference to any silly old front-end.

Rain. Plain. Refrain.

. . . That's all 4 now.

M.

Can you help with this problem?

Provide an answer of your own, or ask Mike Andrews for more information if necessary.

To post a message you must log in.