On Sat, May 13, 2023 at 06:51:30PM +0800, Tom Reed via Postfix-users wrote:
> Can I setup only port 25 open to the world? If port 465/587 are filtered > by iptables which only permit internal users to connect, does this make > sense to external MTAs (such as google, MS's)? You do not need to expose ports other than 25 to outside sources (you don't have to operate anything on those ports except as needed by your own users). For the blocked ports, your firewall should typically reply with a TCP RST, rather than just drop packets. This could at least be useful on the "ident" port: auth 113/tcp ident tap #Authentication Service in case some "qmail" systems are still expecting it to be available. -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org