Allow blocking of specific paths/URIs

[xFanexx]

Summary

It would be very useful if users could configure certain paths or domains to be blocked.

For example, I run multiple domains, with the main Web UI accessible via mail.domain.tld
Currently, the Web UI is also reachable via mta-sts.domain.tld which doesn’t make sense (at least to me) and can be confusing.

It would be great to add an option to either block the root path of certain domains (returning 403) or redirect it directly to /.well-known/mta-sts.txt, while still allowing access to that TXT file for proper MTA-STS functionality.

Motivation

This enhancement would probably improve security and clarity by preventing the Web UI from being exposed on domains where it’s not needed, reducing potential attack surface and user confusion. It would also give administrators finer control over how MTA-STS and other paths are served.

Additional context

No response

[xFanexx]

• This is correct and expected, as it’s the normal Web UI on the main domain:

• This image shows the Web UI exposed on mta-sts.domain.tld (why?)
  This is confusing and could potentially be an additional attack vector

• This behavior also occurs on other domains.
  The Web UI doesn’t need to be exposed there, so it would make sense to block the root / path and only allow access to /.well-known/mta-sts.txt:

[xFanexx]

• Also for the following paths : autoconfig.domain.tld and autodiscover.domain.tld, the WebUI is also exposed there..........
  This can be fixed via a reverse proxy tho....