So the mail server will now allow mail ports from any IP not blocked by a server control file. Those IP addresses who attempt to utilize other ports will be firewalled in accordance with the appropriate IP tables.
This was effected in an attempt not to have to play around excessively with the mail server, i.e. block everyone in the presence of a few exploiters.
So the web server will stop you dead in your tracks over 80 and 443 if you transgress my content with some attempt at exploitation.
Inasmuch as those are the only ports open anyhow I suppose it doesn't make too much difference. I remain amused at the attempts such as that to exploit the USB ports over 80 or 443 as if you were really going anywhere. I just wish the general populace were more behaved when it comes to the internet of things belonging to someone else.
Sometimes our cohorts really don't have a clue ... or any manners.