1 |
I'm just wondering... |
2 |
|
3 |
I'm implementing an email gateway using postfix. The gateway lives as |
4 |
a VM in my ISP, and it will deliver 'accepted' emails to the company's |
5 |
email server which lives in the DMZ. The email server's port is |
6 |
shifted to a non-25 external port number. |
7 |
|
8 |
So far so good. However, a portscanner might still be able to detect |
9 |
which port is open and attempt deliveries there. |
10 |
|
11 |
So, the question: Is it possible to configure the system in some way |
12 |
so that Postfix will first perform a portknocking before attempting |
13 |
delivery to the internal mail server? |
14 |
|
15 |
If that is not possible, what solution would you recommend to 'harden' |
16 |
the non-25 mail port? |
17 |
|
18 |
Rgds, |
19 |
|
20 |
|
21 |
-- |
22 |
-- |
23 |
Pandu E Poluan - IT Optimizer |
24 |
My website: http://pandu.poluan.info/ |