[pfx] Re: force to use starttls on port 587

2024-06-03 Thread Jeff P via Postfix-users
After Postfix and Dovecot were installed, there are 4 ports open by default: port 587, port 25, port 993, port 143. So I have improved them by implementing: 1. close public port 143 2. disable SASL auth on port 25 3. force SMTP client to log in using TLS only on port 587. Do you think there is any s

[pfx] Re: force to use starttls on port 587

2024-06-03 Thread Jeff P via Postfix-users
That's great. Thanks, all. Belt and suspenders (the first setting implies the second, and the third should then never be used), in master.cf for the submission entry set: -o { smtpd_tls_security_level = encrypt } -o { smtpd_tls_auth_only = yes } -o { smtpd_sasl_security_options

[pfx] Re: force to use starttls on port 587

2024-06-03 Thread Wietse Venema via Postfix-users
Viktor Dukhovni via Postfix-users: > On Mon, Jun 03, 2024 at 08:55:11PM +0800, Jeff P via Postfix-users wrote: > > > I have closed SASL auth on port 25, but users still can use port 587 > > for login with plain text. How can I force users to use submission > > via start-tls only? I know I can o

[pfx] Re: force to use starttls on port 587

2024-06-03 Thread Viktor Dukhovni via Postfix-users
On Mon, Jun 03, 2024 at 08:55:11PM +0800, Jeff P via Postfix-users wrote: > I have closed SASL auth on port 25, but users still can use port 587 > for login with plain text. How can I force users to use submission > via start-tls only? I know I can open port 465 for SSL connection, > but for hi

[pfx] Re: force to use starttls on port 587

2024-06-03 Thread Erwan David via Postfix-users
On 03/06/2024 at 14:55, Jeff P via Postfix-users wrote: Hello, I have closed SASL auth on port 25, but users still can use port 587 for login with plain text. How can I force users to use submission via start-tls only? I know I can open port 465 for SSL connection, but for historical reasons the p

[pfx] force to use starttls on port 587

2024-06-03 Thread Jeff P via Postfix-users
Hello, I have closed SASL auth on port 25, but users still can use port 587 for login with plain text. How can I force users to use submission via start-tls only? I know I can open port 465 for SSL connection, but for historical reasons port 587 must be open. Thanks.