JP Vossen on 18 Dec 2008 14:33:50 -0800
My Covad/Speakeasy went down Monday and isn't back yet, so I've moved my server to a colo, but I'm a little stuck getting some parts working. Basically, since it was on a LAN DMZ before, I need to lock it down a bit.

Port 25 was always wide open to the world, so I have Postfix locked down pretty well for relaying & spam. Which is the problem. Now my clients can't use that server to send outgoing (which I want to do). I have worked around the problem for now (since you are reading this) by adding my FiOS IPA to my Postfix 'mynetworks' in /etc/postfix/main.cf, but that's not an ideal solution for various reasons.

Also, I got IMAP/SSL working on 993, but have nothing for SMTP yet.

What I *think* I want to do is leave 25/TCP alone (for incoming mail from Internet servers) and run SMTP/SSL on 465/TCP, and authenticate users on that port via PAM for outgoing mail.

Can anyone a) suggest something better or b) provide Postfix config clues?

BTW I have enough points in CACert to get my SSL certs from there, which I did for the IMAP/SSL and can do for the SMTP/SSL as well.

Thanks,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|      jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
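
The layout the post describes, sketched as an added example that is not part of the original message or of any reply: port 25 stays an unauthenticated inbound listener that refuses to relay, while 465 is a TLS-wrapped listener that relays only for SASL-authenticated users, replacing the client IP entry in 'mynetworks'. Assumptions: Cyrus SASL with saslauthd started with "-a pam"; the certificate paths are placeholders and the location of the Cyrus smtpd.conf varies by distribution.

```conf
# ---- /etc/postfix/master.cf --------------------------------------------
# Port 25: unchanged, accepts mail from Internet servers for local domains.
smtp      inet  n       -       n       -       -       smtpd
# Port 465: TLS from the first byte (wrapper mode), AUTH offered only here,
# and every client that has not authenticated is rejected.
smtps     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

# ---- /etc/postfix/main.cf ----------------------------------------------
# Weak workaround from the post: trusting a client by source address.
# Anything behind that address can relay, and it breaks when the IP changes.
#   mynetworks = 127.0.0.0/8 <client FiOS address>
# Corrected: trust only the server itself; users prove identity with AUTH.
mynetworks = 127.0.0.0/8

# Certificate and key (placeholder paths; the post plans a CAcert cert).
smtpd_tls_cert_file = /etc/postfix/tls/PLACEHOLDER-cert.pem
smtpd_tls_key_file = /etc/postfix/tls/PLACEHOLDER-key.pem

# Never accept AUTH over an unencrypted session, never allow anonymous.
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noanonymous

# Cyrus SASL; "smtpd" selects the smtpd.conf file shown below.
smtpd_sasl_type = cyrus
smtpd_sasl_path = smtpd

# Relay policy: local host and authenticated users may relay,
# everyone else may only deliver to domains this server is final for.
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# ---- Cyrus SASL smtpd.conf (e.g. /etc/postfix/sasl/smtpd.conf) ---------
# Hand the password check to saslauthd, which is run with "-a pam".
# PAM needs the cleartext password, so only PLAIN and LOGIN can work;
# that is acceptable here because port 465 is always inside TLS.
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
```

After reloading Postfix, an unauthenticated relay attempt through either port should be refused, and the mail log should show a sasl_username on messages accepted on 465.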