Sockets are generally better. I don’t know why we use a port. This is pretty old code.
It’s not about compatibility; all Linux versions going back many years support named sockets. @Jamie is there a reason other than historical baggage we’re using a port for the greylisting policy server rather than a named socket? Maybe it’s what ships in the package?
Currently we just follow the default port as set in /etc/default/postgrey by the distro packages, but if that’s not found we do fall back to using a TCP port. We could change that though…
I can’t really think of any security reason it’d be necessary/useful, so I don’t think it’s urgent, but doing things in the usual way (whatever the project maintainers recommend or what’s the default in the package, when reasonable) is always good.
I think this one is mostly a preference thing; I’m unaware of security or performance concerns here; a port and a named socket behave the same. The only benefit to a socket is a user can’t squat on it…but that’s unlikely to happen with a service that starts at boot, and there are no security implications I can think of to doing so even if they could.
It’s not urgent nor important, but it should be listed; that way, when you get sick of working so hard on the Cloudmin install script you promised us 2 years ago, you have a record of things that should be looked at given extra time.
That is why you have a GitHub page, isn’t it, so people can list things that need/want to be changed?