thuizt 0 Posted September 14, 2015 Posted September 14, 2015 Hello, Installed ESET Mail Security on linux for the first time. Followed the "ESET Mail Security & Zarafa 7 Infrastructure Integration" manual and we quickly had a running security solution. Everyone happy. To quick though. As ESET creates an SMTP interface before Postfix that does the detection all incoming mail on Postfix is suddenly from localhost and as such free to flow into (and out !!) of the mail system. We just created a nice open relay that within several days of course was abused with all the issues that come with it. As Postfix delivers mail to the Smart SMTP host on the internet the localhost was secure. Which it is not anymore Mail for my internnal domains as delivered to the mail server. Not being a Postfix expert I wonder how to make this solution relay proof. Any help appreciated.
Recommended Posts