Postfix - SMTP Client Restrictions - Help Please

SYSTEM INFORMATION
OS type and version Debian 11
Webmin version 2.013

Hello,

Outside entities always seem to find a Postfix server in a matter or hours (or sometimes minutes) after it is set up. Seeing as how I only need Postfix to forward messages to me that Dovecot will be receiving, and I have no intention to use SMTP from an external IP, I would like to limit Postfix to only be able to send emails from its internal IP.

I checked the following two options in the “SMTP Client Restrictions” area in the Postfix Server module:

Allow connections from same network
Allow connections from this system

The expected behaviour is that any attempt to send mail from an external source would be denied.

Looking at var/log/mail.log, I am still seeing that it is considering requests from those pesky IPs (albeit denying every one of them).

Your help is appreciated.

Hello,

So far as I can say, there are many ways to achieve your desired situation. The easiest one is to put your local network subnet into “mynetworks” and set “smtpd_relay_restristions = permit_mynetworks”. This will restrict Postfix to relay only emails from your subnet.

You can find a better described document regarding this issue here: How to restrict IP Address to use postfix smtp relay | GoLinuxCloud

This seems similar to the fail2ban thread. The system still has to process the request to see if it is valid. But, if there is no inbound, block the port in your firewall.

Thanks I’ll give that a shot.

careful you don’t block the mail transfers.

1 Like

No, this did not work… It happily accepted my email (albeit with correct SMTP authentication). The problem is that you can’t use firewalls to do this AFAIK, because you need port 25 wide open for the initial negotiation.

Eh, not a big deal… I guess I’ll put up with those irritating brute force attackers.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.