Camaleón on 21/01/10 12:29, wrote:
On Thu, 21 Jan 2010 00:01:01 +0000, Adam Hardy wrote:
Camaleón on 20/01/10 21:30, wrote:
inet_interfaces = 10.20.30.40, localhost ***
master_service_disable=smtp.inet
And what is that parameter for? :-?
Ah, you wanted to disable "smtp" connections at all? Mmm, I'm still a
bit confused about your goals...
>>
I would like port 25 to be closed. Surely if I'm not receiving, I don't
need to listen on it? I don't need it to send, do I?
I'm lost :-?
Didn't you say this?
***
It should listen like this (or all hell breaks loose on their server
farm):
tcp 0 0 10.20.30.40:25 0.0.0.0:* LISTEN
***
So if that remains true, you do need to open port 25 "locally" and bind
Postfix to listen in that IP.
But opening a port "locally" does not mean your SMTP server can be used
from remote, in fact it cannot unless:
a) The router (frame relay, xdsl line...) of your ISP/hosting provider is
actually forwarding the requests to port 25 to your machine (by using NAT
or iptables).
Yes I did say I wanted postfix to listen on 10.20.30.40:25 but that was while I
was still trying to work out the basic configuration. Now that I am happy that I
know why postfix is doing something and that it works, I would like to know
whether I can completely close port 25.
One person reckons port 25 has to be open for smtp to send - is that so? I don't
think so, I thought smtp would open some high numbered port temporarily.
Or does smtp pick up the emails to be sent via port 25?
It just bugs me from a security point of view that the whole world can see port
25 open when they look at that machine and some might take it into their heads
to aim their spam canons at it.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
