After upgrading our server to UbuntuHardyHeron8.04, we found that the email service had risen sharply. Finally, we checked that the SMTP service was not secure: It was fully open, which is a big problem. After a series of tests, we found that the/etc/postfix/master. cf was modified, and the two annotations were removed: smtpinetn ---- smtpd # submissioninetn ---- smtpd #-osmtpd_etrn _
After upgrading our server to Ubuntu Haron 8.04, we found that the mail service had risen sharply. Finally, we checked that the SMTP service was insecure: It was fully open, which was a big problem.
After a series of tests, we found that the/etc/postfix/master. cf was modified and the two annotations were removed:
Smtp inet n--smtpd
# Submission inet n--smtpd
#-O smtpd_etrn_restrictions = reject
-O smtpd_client_restrictions = permit_sasl_authenticated, reject
# Smtps inet n--smtpd
#-O smtpd_tls_wrappermode = yes-o smtpd_sasl_auth_enable = yes
# Submission inet n--smtpd
-O smtpd_etrn_restrictions = reject
-O smtpd_enforce_tls = yes-o smtpd_sasl_auth_enable = yes
In this way, the client must use TLS for connection and pass verification.
It is not clear whether other Web mail services on this machine have any impact.