From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-125103-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QdgCX-0003B2-CB
	for garchives@archives.gentoo.org; Mon, 04 Jul 2011 10:16:25 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 5128621C024;
	Mon,  4 Jul 2011 10:14:55 +0000 (UTC)
Received: from svr-us4.tirtonadi.com (unknown [69.65.43.212])
	by pigeon.gentoo.org (Postfix) with ESMTP id 2894821C024
	for <gentoo-user@lists.gentoo.org>; Mon,  4 Jul 2011 10:14:55 +0000 (UTC)
Received: from mail-ey0-f181.google.com ([209.85.215.181])
	by svr-us4.tirtonadi.com with esmtpsa (TLSv1:RC4-SHA:128)
	(Exim 4.69)
	(envelope-from <pandu@poluan.info>)
	id 1QdgB3-003onQ-R1
	for gentoo-user@lists.gentoo.org; Mon, 04 Jul 2011 17:14:53 +0700
Received: by eyh5 with SMTP id 5so1929768eyh.40
        for <gentoo-user@lists.gentoo.org>; Mon, 04 Jul 2011 03:14:51 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.14.27.200 with SMTP id e48mr1784594eea.125.1309774491047; Mon,
 04 Jul 2011 03:14:51 -0700 (PDT)
Received: by 10.14.189.12 with HTTP; Mon, 4 Jul 2011 03:14:51 -0700 (PDT)
In-Reply-To: <20110704025522.GA27297@waltdnes.org>
References: <CAA2qdGXHV9_zu0YNsX5c5rFVE2yu-E1t5TA+6T2P=DEiwaGApA@mail.gmail.com>
	<20110704025522.GA27297@waltdnes.org>
Date: Mon, 4 Jul 2011 17:14:51 +0700
Message-ID: <CAA2qdGUaa7NJVFwXh3YXueS-wWpAKCuLXOiFCbYnv6POaXGWxQ@mail.gmail.com>
Subject: Re: [gentoo-user] Portknock before Postfix delivery?
From: Pandu Poluan <pandu@poluan.info>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - svr-us4.tirtonadi.com
X-AntiAbuse: Original Domain - lists.gentoo.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - poluan.info
X-Archives-Salt: 
X-Archives-Hash: a10ed301400a379996e3eee2f13965df

On Mon, Jul 4, 2011 at 09:55, Walter Dnes <waltdnes@waltdnes.org> wrote:
>
> On Mon, Jul 04, 2011 at 08:31:10AM +0700, Pandu Poluan wrote
>
> > If that is not possible, what solution would you recommend to 'harden'
> > the non-25 mail port?
>
> =C2=A0portknocking sounds like doing things the hard way. =C2=A0The gatew=
ay has
> to have either a fixed IP address or at least a domain name. =C2=A0Set up
> iptables on your internal server to accept connections on the shifted
> smtp port only if the connection is coming from the right IP address or
> domain name.
>

*slaps forehead*

Gosh, you're right. What was I thinking...

Clearly a case of Rube Goldberg-ian solution >.<

Thanks for knocking some sense into my thick skull :-)

Rgds,
--
FdS Pandu E Poluan
~ IT Optimizer ~
Visit my Blog: http://pepoluan.posterous.com
Google Talk:=C2=A0=C2=A0=C2=A0 pepoluan
Y! messenger: pepoluan
MSN / Live:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 pepoluan@hotmail.com (do not send=
 email here)
Skype:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 pe=
poluan