I'm just wondering... I'm implementing an email gateway using postfix. The gateway lives as a VM in my ISP, and it will deliver 'accepted' emails to the company's email server which lives in the DMZ. The email server's port is shifted to a non-25 external port number.
So far so good. However, a portscanner might still be able to detect which port is open and attempt deliveries there. So, the question: Is it possible to configure the system in some way so that Postfix will first perform a portknocking before attempting delivery to the internal mail server? If that is not possible, what solution would you recommend to 'harden' the non-25 mail port? Rgds, -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/
