Peter van Dijk writes:
> On Wed, Jun 06, 2001 at 03:27:49PM +0200, Duncan MacMillan wrote:
> > I'm sorry if this is off topic for this list, but I'm assuming that there
> > will be people here that can answer this question.
> >
> > I have a box that runs QMail & TCPServer. The box has multiple external
> > addresses that are used to route various port connections to internal
> > network addresses using redir. My problem is that I now find that I need to
> > route a port 25 connection into the network. The problem I am having is that
> > TCPServer is binding to all the interface addresses and as such redir can
> > not bind to the address and port I need.
> >
> > My question is how do I limit TCPServer to a specific address when it starts
> > listening on ports 25 and 110.
>
> Somewhere in the tcpserver line, there is a '0'. Change that to the IP
> you want it to bind to.
Yep. In fact, I strongly recommend that an ISP always run two
instances of qmail-smtpd. One should be bound to the IP address whose
hostname is published in MX records. The other should be bound to an
IP address bound to a name like "smtp.example.com", which users
configure into their email clients for outgoing relaying.
This is not to solve the problem of open relays, but instead to solve
the problem of external denial of service attacks.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok |
521 Pleasant Valley Rd. | +1 315 268 1925 voice | John Hartford, RIP
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX |
