Linux

Exim configuration - listen on port 25 for localhost only

  • December 29, 2017

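I want to use Exim4 as the MTA for my server, but basically only for sending email. For security reasons, I want to limit incoming connections to localhost only (I think). So there is this option in the exim4 configuration where you can specify:

IP-addresses to listen on for incoming SMTP connections:

If I put localhost there, I can send email through mutt and mail just fine, but other services on my machine cannot connect to the exim daemon to send email, specifically because nothing is bound to port tcp/25 if I specify localhost in the field above.

Of course, if I leave that field blank, everything works, but I don't want to listen on tcp/25 for anyone other than my own machine... Here is the log from when I accept all connections, for a local service such as ossec: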

2013-10-08 12:26:13 1VTcv7-XXXXX-XX <= ossecm@myserver.edu H=localhost (notify.ossec.net) [127.0.0.1] P=smtp S=979

If you did put "localhost" in that setting, try this instead:

dc_local_interfaces='127.0.0.1 ; ::1'

During dpkg-reconfigure exim4-config, if you choose "Internet site" as the type, the second question looks like this:

Please enter a semicolon-separated list of IP addresses. The Exim SMTP listener
daemon will listen on all IP addresses listed here.

An empty value will cause Exim to listen for connections on all available network
interfaces.

If this system only receives mail directly from local services (and not from other
hosts), it is suggested to prohibit external connections to the local Exim daemon.
Such services include e-mail programs (MUAs) which talk to localhost only as well
as fetchmail. External connections are impossible when 127.0.0.1 is entered here,
as this will disable listening on public network interfaces.

IP-addresses to listen on for incoming SMTP connections:

Just enter the following in that field:

127.0.0.1; ::1
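
A check that could be run after applying the setting discussed above, added here as an example and not part of the original question or answers: it classifies `ss -ltn` output as loopback-only, exposed, or nothing bound on port 25 (the symptom described in the question). The function name and the sample listener lines are constructed for illustration.

```shell
#!/bin/sh
# smtp_listen_status (hypothetical helper) reads `ss -ltn` output on stdin.
# Return codes:
#   0 = port 25 is bound on loopback addresses only
#   1 = port 25 is bound on at least one non-loopback address (printed)
#   2 = nothing is bound to port 25 at all
smtp_listen_status() {
    awk '
        $1 == "LISTEN" {
            local_addr = $4
            # Split addr:port at the last colon so IPv6 addresses survive.
            pos = match(local_addr, /:[0-9]+$/)
            if (pos == 0) next
            port = substr(local_addr, pos + 1)
            addr = substr(local_addr, 1, pos - 1)
            if (port != "25") next
            sub(/^\[/, "", addr); sub(/\]$/, "", addr)  # [::1] -> ::1
            sub(/%.*$/, "", addr)                       # drop scope such as %lo
            seen = 1
            if (addr !~ /^127\./ && addr != "::1") {
                print "exposed: " local_addr
                exposed = 1
            }
        }
        END { if (exposed) exit 1; if (!seen) exit 2; exit 0 }
    '
}

# Constructed sample: what 127.0.0.1; ::1 should produce (sshd line is noise).
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      20         127.0.0.1:25        0.0.0.0:*
LISTEN 0      20             [::1]:25           [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'

# Constructed sample: the field left empty, so Exim listens on every interface.
SAMPLE_ALL='LISTEN 0 20 0.0.0.0:25 0.0.0.0:*
LISTEN 0 20 [::]:25 [::]:*'

# Constructed sample: no SMTP listener, so local services cannot connect.
SAMPLE_NONE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

printf '%s\n' "$SAMPLE_LOOPBACK" | smtp_listen_status && echo "loopback only"
# Live use on the server itself: ss -ltn | smtp_listen_status
```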

Quoted from: https://serverfault.com/questions/544714