Mail Protection: Configure Interface/IP SMTP proxy listens on
Enabling the mail-security features presently opens up a massive surface area on all interfaces and ips. I would like to see the mail-security feature include a more assignable approach where we can choose what interfaces/ips the mail-security will bind to.
As we are a hosted service provider, the all or nothing functionality currently available is not ideal.
Each WAN port should be able to configure individually to either allow smtp traffic pass through or proxied.
I agree with Kris,
I think it's not good practice to have all my public IP open for SMTP communications.
It's difficult to audit the logs and does not comply with least privilege concept.
Yes i would like that also now on all my public ip's SMTP is active!
How can i enable Mail security only on 1 public ip address?