Hi all... venturing into unfamiliar territory so I'm hoping someone can help me and make things a little more understandable for me.
I have setup Postfix on a standalone server connected directly to the internet. I have got inbound and outbound email working for the most part, but I am worried about security.
My fear is that if I leave port 25 open to the outside world spammers will find this and start relaying mail through it and eventually blacklisting the IP attached to this box.
For now, I am hosting mail for a single domain and single user (me) with a few aliases. I plan on expanding to IMAP and SMTP access from the outside at some point, but for now I've been using Mutt in a shell and it's fine for my needs for now.
Here are my current Postfix settings:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
mydestination = subdomain.mydomain.net, localhost.mydomain.net, , localhost, mydomain.net
myhostname = server01.mydomain.net
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
I'm thinking the mynetworks parameter will stop all mail relay from the outside world, but I have port 25 open and I can telnet to it from the internet.
Again, this is a standalone host with a public IP address (no NAT) and a Shorewall/IPTABLES firewall configured.
Any insight appreciated
Postfix security
