[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: trying to restrict postfix use of port

On Thu, 21 Jan 2010 16:04:00 +0000, Adam Hardy wrote:

> Camaleón on 21/01/10 15:44, wrote:

>>> The point is that I don't want to have port 25 open to the world,
>>> since I don't want to receive any emails on this system, I just want
>>> to send.
>> 
>> Unless you have a external IP address assigned (dedicated or shared)
>> and your provider is redirecting incoming smtp traffic to your local
>> address where you have configured the MTA server, there is no way that
>> someone can establish a remote connection with your mail server host as
>> it's using a local (non routable) ip address.
> 
> But I do have an external IP address assigned (e.g. 10.20.30.40,
> although it's different outside the confines of this mailing list
> discussion) and my hosting provider does NAT the incoming SMTP traffic
> to it (as standard for their firewall) and so yes it is totally
> routable.

Then ask your provider to close that port because you don't need it and 
it's dangerous to have such port opened.

> I just did a little test to send messages from thunderbird on my PC here
> and it connects and will deliver, if I address the mail to one of the
> user accounts on the system.

That is the standard setup for Postfix. But that does not mean your host 
is an acting as an "open relay". Anyway, you can also tweak that 
behaviour.  
 
> All I'm saying is that I don't need this, and I'd like to find a way to
> shut it down whilst leaving the outbound mail delivery intact.

http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_from

Try with one of these values:

mynetworks_style = host

or 

mynetworks = 127.0.0.0/8

And remember to restart the Postfix service after editing "/etc/postfix/
main.cf" so changes are applied.

-- 
Camaleón
Reply to: