On Mon, Jul 04, 2011 at 08:31:10AM +0700, Pandu Poluan wrote > If that is not possible, what solution would you recommend to 'harden' > the non-25 mail port?
portknocking sounds like doing things the hard way. The gateway has to have either a fixed IP address or at least a domain name. Set up iptables on your internal server to accept connections on the shifted smtp port only if the connection is coming from the right IP address or domain name. -- Walter Dnes <waltd...@waltdnes.org>