LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 01-29-2009, 01:55 PM   #1
dlugasx
Member
 
Registered: Dec 2008
Location: Germany/Poland
Distribution: CentOS / Debian / Solaris / RedHat
Posts: 250

Rep: Reputation: 18
Postfix - how to restrict access by telnet to postfix ?


Hi everyone,

maybe some body can tell me how can I secure postfix ?

After standard installation it looks like everybody using telnet can connect to my server and send email...

How can I restrict telnet connection to server ?


I`m using Debian 4 Etch.


dlugasx
 
Old 01-29-2009, 02:19 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
I don't think you've really understood what it means to use telnet to connect to postfix. Telnet is just used as a very basic network application which allows direct interaction with something at the other end of a TCP connection. you are not literally "telnetting" to it, despite the language used, as it is not the telnet protocol being used, just basic TCP. You can't block the use of the telnet application itself as there is nothing within SMTP to allow the mail client to identify what it is - thunderbird, outlook, mutt, telnet... all say the same things over SMTP.

If you forget about the telnet side completely, if you want to restrict access you can...

- use ssl / tls instead to encrypt the connection (telnet connections will still work just super if used over a ssl tunnel application like stunnel)

- restrict connections to certain IP addresses (again telnet is still completely possible from those permitted sources but no connectivity at all is allowed from other addresses)

there is *nothing* wrong with using telnet to debug things, it is not evil, and if you think it is, then you're mistaken.

Last edited by acid_kewpie; 01-29-2009 at 02:23 PM.
 
Old 01-29-2009, 02:24 PM   #3
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
just make sure the sever is no open relay.
so people using telnet to sent mail are not allowed.
 
Old 01-29-2009, 02:56 PM   #4
dlugasx
Member
 
Registered: Dec 2008
Location: Germany/Poland
Distribution: CentOS / Debian / Solaris / RedHat
Posts: 250

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by repo View Post
just make sure the sever is no open relay.
so people using telnet to sent mail are not allowed.
How can I check it ?


I found some website where You can check if server is open relay or not

http://www.spamhelp.org/shopenrelay/

It looks like postfix is not open relay by default.

Last edited by dlugasx; 01-29-2009 at 03:02 PM.
 
Old 01-29-2009, 04:55 PM   #5
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,232
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
by default postfix is not an open relay, but you can surely misconfigure postfix to make it an open relay..

Always a good idea to test..
 
  


Reply

Tags
access, postfix, restrict, telnet


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix: postfix: fatal: chdir(/usr/libexec/postfix) Micro420 Ubuntu 2 07-13-2008 01:21 PM
Restrict access per user with Squirrelmail and postfix ? id_viorel Linux - Server 0 05-30-2008 09:09 AM
Can Postfix Restrict Senders For Mailing Lists? tbeehler Linux - Software 2 04-07-2008 07:41 PM
to restrict rules of postfix, for some users (or local net). stomach Linux - General 1 03-14-2006 09:43 AM
How to restrict telnet access Lexx Linux - Security 7 02-27-2002 09:48 AM


All times are GMT -5. The time now is 11:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration