From 8eb966dece7e48baad3c27ca193add5ca3df043b Mon Sep 17 00:00:00 2001
From: georglauterbach <44545919+georglauterbach@users.noreply.github.com>
Date: Mon, 11 Mar 2024 11:57:27 +0100
Subject: [PATCH] add warning for firewalling traffic in K8s

---
 docs/content/config/advanced/kubernetes.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/content/config/advanced/kubernetes.md b/docs/content/config/advanced/kubernetes.md
index 3d5c05f5..6bc21d4b 100644
--- a/docs/content/config/advanced/kubernetes.md
+++ b/docs/content/config/advanced/kubernetes.md
@@ -722,6 +722,12 @@ The major problem with exposing DMS to the outside world in Kubernetes is to [pr
                 }
                 ```
 
+                !!! warning
+
+                    You are responsible for properly managing traffic inside your cluster and to **ensure that only trustworthy entities** can connect to the designated PROXY protocol ports. With Kubernetes, this is usually the task of the container network interface.
+
+                    While Dovecot provides a very basic machanims to achieve firewalling connections via `haproxy_trusted_networks`, Postfix does not provide ann equivalent at all.
+
                 Last but not least, the `ports` section in the `Deployment` needs to be changed. The following ports have to be added:
 
                 ```yaml