On Mon, Jan 26, 2009 at 4:00 PM, mouss <mo...@ml.netoyen.net> wrote: > Dave a écrit : > > On Mon, Jan 26, 2009 at 12:58 PM, Bjørn Ruberg <bj...@ruberg.no > > <mailto:bj...@ruberg.no>> wrote: > > > > [snip] > > > > An even easier alternative is to let Postfix listen to localhost > > only, by adding "127.0.0.1 <http://127.0.0.1>:" in front of the > > "smtp" configuration setting in master.cf <http://master.cf>, so > > that it says something like this: > > > > 127.0.0.1:smtp inet n - - - - > smtpd > > > > That way it will not be directly reachable from the outside. > > > > -- > > Bjørn > > > > > > OK, I did this too. (In addition to setting inet_interfaces = 127.0.0.1 > > in main.cf <http://main.cf>.) > > > This may cause problems because the IP will also be used for > smtp_bind_address, which means smtp will use it as the source IP when > talking to other mail servers. > > better not play with inet_interfaces and edit master.cf instead. >
Thanks for the tip. As far as I know, however, my Postfix only needs to talk to my gmail-provided smtp server. I just tested, and I can indeed still send email (which is relayed via gmail) even with the above change in place. I don't want anyone connecting to my Postfix server and I don't want it to send any email from any other machine and I only want it to relay email via gmail smtp. Given all that, is there any reason to undo the inet_interfaces change I made? > > > > > I'll do the firewall too if I can easily do it via webmin. > > > > There must be howtos/guides/docs/... out there. but you'll have to take > the time to learn about firewalling (this is worth the pain anyway). I'm using DenyHosts. I would also like to set up a firewall using Webmin, but the last time I googled it, the results I got were zero help given my starting knowledge.
