Re: Best way to start exim4?
On Tue, Nov 18, 2003 at 08:58:49PM +0100, Jimmy Johansson wrote:
> On Tue, Nov 18, 2003 at 10:41:40AM -0800, Bill Moseley wrote:
> > On Tue, Nov 18, 2003 at 04:20:27PM +0100, Jimmy Johansson wrote:
> > > Hi,
> > >
> > > I'm wondering which is the best way to start exim4. I'm fetching my mail
> > > from my ISP with fetchmail manually with a script because I only want to
> > > do it when I am connected to internet.
> > >
> > > As I see it there are 3 alternatives, but if anybody can come up with a
> > > 4:th please tell me.
> > >
> > > 1) Starting exim as a daemon in /etc/rc$.d and protecting it with
> > > iptables and binding it to localhost in exim.conf.
> >
> > Why would you need iptables if you set local_interfaces in exim4.conf?
>
> I want to log any attempts to connect to port 25. Isn't iptables the way
> to do this? Also I want the added defense, so that if I do something
> stupid and/or want to open up exim4 to the world then this defense is
> already there. Maybe this is complete nonsense, but I am completly new
> to this and trying to learn so "slap my fingers" if I say something
> stupid!
That's reasonable. I run iptables and block everything except what I
want to allow.
My guess is you will go crazy trying to monitor connections to port 25.
I configured a new machine the other day on a static IP that has not
been used for over a year. I enabled logging for iptables and upon the
first boot once the machine was on the network I was seeing connection
attempts.
--
Bill Moseley
moseley@hank.org
Reply to: