Postfix behind NAT router woes

Discussion in 'Installation/Configuration' started by MattJo., Jun 12, 2010.

  1. MattJo.

    MattJo. New Member

    Hi,

    So, things "work" so-to-speak, but I have read that because my server is behind a NAT router postfix will function as an open relay. I think I have verified that it is with an e-mail test, but how can I confirm this and more importantly--how can I fix it.

    Also, how can I ensure that authorization is always encrypted (Postfix running on Perfect Server setup: Lucid with ISPConfig3).

    thanks,

    Matt
     
  2. MattJo.

    MattJo. New Member

    Encrypted Authentication, Port 587, and a Noob

    So forget the part about the server behind a NAT--that was me being dense.

    I was going to ask all sorts of specific questions, but it occurs to me that my basic understanding of the mailing mechanisms security are flawed: What level of security does the default installation of Perfect Server with ISPConfig3 give with respect to e-mail security? Does it encrypt my username and password? Does it encrypt all of a message or only part of it? How can I implement them if it doesn't? Additionally, how can I harden the SMTP security?

    I have spent a great deal of time trying to implement some of the things I have read in Faq Forge and the Postfix site. Additionally Mark_NL has been very helpful, but I think I am missing something. Any help is much appreciated.

    thanks,

    Matt
     
  3. Toucan

    Toucan New Member

    When you followed the guide it talked you through creating security certificates in this section:
    Code:
    mkimapdcert
    mkpop3dcert
    When you connect to postfix via a client such as outlook it will ask you if you wish to connect via a secure connection. Although the standard certificate security will fail as it is self signed, you are still connected securely

    Everything between you and the server then is secure. Beyond that point I believe is much more difficult to control.
     
  4. admins

    admins Member

    Read more about SMTP authentification, TLS and more
    If you don't send authentificated your password will be send over the internet clearly.
     

Share This Page