On Thu, 21 Jan 2010 17:36:41 +0000, Adam Hardy wrote: > Camaleón on 21/01/10 16:27, wrote:
>>> All I'm saying is that I don't need this, and I'd like to find a way >>> to shut it down whilst leaving the outbound mail delivery intact. >> >> mynetworks_style = host >> >> or >> >> mynetworks = 127.0.0.0/8 > > I am using mynetworks_style already but it doesn't stop SMTP listening > on port 25. By setting that value you are not disallowing Postfix to listen to port 25. A mail server has to listen at least in "loopback:25" so it can receive and process e-mails internally, coming from the host itself. By setting that value what you are preventing is that "another computer" can send any e-mails to/through your Postfix mailserver. If any of these values are set, they will be rejected. > I guess this is just a relatively new situation coming with the advent > of vservers that just isn't possible. > > I have set smtp_client_restrictions = reject so at least postfix > responds to external SMTP requests with an aggressive sounding "Client > host rejected: access denied" message. That is another approach. You can harden Postfix as much as you want. Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
