Docker Mailserver
How does one secure port 25? #4246
-
|
First off I want to thank the maintainers and community. The last time I setup a mail server was a decade or so ago on bare metal and it was awful. Using docker-mailserver has been almost painless. After reading the security documentation I'm a little concerned. It clearly states "It is possible for internal clients to submit mail to be sent outbound (without requiring authentication), but that is discouraged. Prefer the submission ports." How do I secure port 25 to disallow outbound mail? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Have you tried it? By default, sending mails without authentication isn't possible, unless you customize the behaviour, e.g. with PERMIT_DOCKER |
Beta Was this translation helpful? Give feedback.
-
The documentation there is a bit outdated now, we can update that. Previously when it was written, that was true unauthenticated submission on port 25 was possible IIRC. That's since changed, along with the default
As @casperklein suggested, you should find that nothing is required to, it should be prevented out of the box with current DMS releases. |
Beta Was this translation helpful? Give feedback.
The documentation there is a bit outdated now, we can update that. Previously when it was written, that was true unauthenticated submission on port 25 was possible IIRC.
That's since changed, along with the default
PERMIT_DOCKERbeing set tononefor some time now that you have to intentionally relax the security to be able to submit mail that way.As @casperklein suggested, you should find that nothing is required to, it should be prevented out of the box with current DMS releases.