BlockedIp
BlockedIp
Section titled “BlockedIp”Defines a blocked IP address or network range.
This object can be configured from the WebUI under Settings › Security › Blocked IPs
Fields
Section titled “Fields”address
Section titled “address”Type:
IpMask· read-onlyThe IP address or mask to block
reason
Section titled “reason”Type:
BlockReason· default:"manual"The reason for blocking this IP address
createdAt
Section titled “createdAt”Type:
UTCDateTime· server-setThe date and time when this IP address was blocked
expiresAt
Section titled “expiresAt”Type:
UTCDateTime?The date and time when this IP address block will expire
JMAP API
Section titled “JMAP API”The BlockedIp object is available via the urn:stalwart:jmap capability.
x:BlockedIp/get
Section titled “x:BlockedIp/get”This is a standard Foo/get method as defined in RFC 8620, Section 5.1.
This method requires the sysBlockedIpGet permission.
curl -X POST https://mail.example.com/api \ -H 'Authorization: Bearer $TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "methodCalls": [ [ "x:BlockedIp/get", { "ids": [ "id1" ] }, "c1" ] ], "using": [ "urn:ietf:params:jmap:core", "urn:stalwart:jmap" ] }'x:BlockedIp/set
Section titled “x:BlockedIp/set”This is a standard Foo/set method as defined in RFC 8620, Section 5.3.
Supports create, update, and destroy operations in a single call.
Create
Section titled “Create”This operation requires the sysBlockedIpCreate permission.
curl -X POST https://mail.example.com/api \ -H 'Authorization: Bearer $TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "methodCalls": [ [ "x:BlockedIp/set", { "create": { "new1": {} } }, "c1" ] ], "using": [ "urn:ietf:params:jmap:core", "urn:stalwart:jmap" ] }'Update
Section titled “Update”This operation requires the sysBlockedIpUpdate permission.
curl -X POST https://mail.example.com/api \ -H 'Authorization: Bearer $TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "methodCalls": [ [ "x:BlockedIp/set", { "update": { "id1": { "reason": "manual" } } }, "c1" ] ], "using": [ "urn:ietf:params:jmap:core", "urn:stalwart:jmap" ] }'Destroy
Section titled “Destroy”This operation requires the sysBlockedIpDestroy permission.
curl -X POST https://mail.example.com/api \ -H 'Authorization: Bearer $TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "methodCalls": [ [ "x:BlockedIp/set", { "destroy": [ "id1" ] }, "c1" ] ], "using": [ "urn:ietf:params:jmap:core", "urn:stalwart:jmap" ] }'x:BlockedIp/query
Section titled “x:BlockedIp/query”This is a standard Foo/query method as defined in RFC 8620, Section 5.5.
This method requires the sysBlockedIpQuery permission.
curl -X POST https://mail.example.com/api \ -H 'Authorization: Bearer $TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "methodCalls": [ [ "x:BlockedIp/query", { "filter": { "address": "example" } }, "c1" ] ], "using": [ "urn:ietf:params:jmap:core", "urn:stalwart:jmap" ] }'The x:BlockedIp/query filter argument accepts the following conditions (combinable with AnyOf / AllOf / Not per RFC 8620):
| Condition | Kind |
|---|---|
address | text |
stalwart-cli wraps the same JMAP calls. See the CLI reference for installation, authentication, and general usage.
stalwart-cli get BlockedIp id1Create
Section titled “Create”stalwart-cli create BlockedIpstalwart-cli query BlockedIpstalwart-cli query BlockedIp --where address=exampleUpdate
Section titled “Update”stalwart-cli update BlockedIp id1 --field reason=manualDelete
Section titled “Delete”stalwart-cli delete BlockedIp --ids id1BlockReason
Section titled “BlockReason”| Value | Label |
|---|---|
rcptToFailure | Excessive failed RCPT TO commands |
authFailure | Excessive failed authentication attempts |
loitering | Excessive loitering connections |
portScanning | Excessive port scanning attempts |
manual | Manually blocked IP address |
other | Other reason |