Mailinglist Archive: opensuse-factory (626 mails)

< Previous Next >
[opensuse-factory] Disable most of local MTA capability by default
  • From: Volker Kuhlmann <list0570@xxxxxxxxxxxxxxx>
  • Date: Sat, 29 Mar 2008 09:18:28 +1300
  • Message-id: <20080328201827.GD13849@xxxxxxxxxxxxxxx>
Akin to today's topic of disabling network services when not needed, I'd
like to suggest to also cripple the MTA when full functionality is not
explicitly needed.

The local MTA should by default be listening on localhost:25 only, and
not on everything:25.

I also think that the local MTA by default should only accept msgs for
delivery which are addressed to anyone@localhost, and reject anything
addressed to the rest of the world. I tried to persuade postfix on 10.2
to do this and found that it's only possible with a bad cludge. Postfix
would accept anything (from localhost) and then not be able to deal with
msgs it wasn't supposed to deliver (or soemthing like that). Most email
clients work directly with the ISP's (or LAN's) relay host, so a
fill-fledged local MTA is not needed. At least Debian has done default
installs like this for some time now (with exim though).

Volker

--
Volker Kuhlmann is list0570 with the domain in header
http://volker.dnsalias.net/ Please do not CC list postings to me.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References