|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Curtis Doty (Curtis
GreenKey.net)
Date: Wed Oct 24 2007 - 08:42:05 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
9:32am Victor Duchovni said:
> On Wed, Oct 24, 2007 at 06:27:08AM -0700, Curtis Doty wrote:
>
>> No, I meant that postfix wasn't listening on the tunnel interface, which
>> is where the clients will try to connect/relay. And if I add the tunnel's
>> IP address to inet_interfaces, postfix will refuse to start if the tunnel
>> is down.
>
> If Postfix is listening on "all" interfaces, the tunnel will be included
> in the 0.0.0.0 listening socket. Otherwise you are out of luck. If some
> interfaces need to not be exposed, use the hosts firewall software if
> any to block the interfaces that should be excluded.
>
Gotcha, thanks. I will disable all use of inet_interfaces and use other
non-postfix means to restrict access to the "dangerous" interfaces.
../C
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]