Re: [Exim] Rejecting all connections from non-local hosts

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MGreg Ward at <-
MDan Lowe at ->
Delete this message
Reply to this message
Author: James Antill
Date:  
To: dan
CC: Tom Huckstep, Dr Andrew C Aitchison, exim-users
Subject: Re: [Exim] Rejecting all connections from non-local hosts
Dan Lowe <dan@???> writes:

> Previously, Tom Huckstep said:
> >
> > > Which MUAs talk to port 25 on the local host, rather than running
> > > exim themselves ?
> >
> > It's fetchmail I'm worried about. The man page says that it's better
> > to use SMTP, as opposed to running a command:
>
> I'd stop using inetd, start up a daemon (i.e. exim -bd -q1h) and set
>
> local_interfaces = 127.0.0.1
>
> Then it will bind only to localhost, and your "external" IP(s) won't
> have a listening daemon on them.

This doesn't do what you think it does. You'd should at least specify
that anything that isn't 127.0.0.1 shouldn't be able to send messages
(see the bugtraq archive for ways of coming in from the 'net and
speaking to 127.0.0.1).

--
James Antill -- <james@???>
Firewall n.
1. A bad security program used to make other bad security programs less
baddly in need of security.


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] changing from procmail to eximRe: [Exim] Rejecting all connections from non-local hosts->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)