Mail Protection: Configure Interface/IP SMTP proxy listens on
Enabling the mail-security features presently opens up a massive surface area on all interfaces and ips. I would like to see the mail-security feature include a more assignable approach where we can choose what interfaces/ips the mail-security will bind to.
As we are a hosted service provider, the all or nothing functionality currently available is not ideal.
Each WAN port should be able to configure individually to either allow smtp traffic pass through or proxied.
Nathan Lock commented
The word below was pen-a-tration test - (dumb word censor algorithm)
Any Way another 2 years on and no sign of implementation of this basic firewall feature.
PWA Wish List Admin commented
This one gets mentioned in every *********** test! We only need to be listening for smtp on one ip address - not all of them.
Rolf Müller commented
Your request is pretty much part of this request:
As this one got already over 150 votes, you should consider voting for it, too. :-)
I agree with Kris,
I think it's not good practice to have all my public IP open for SMTP communications.
It's difficult to audit the logs and does not comply with least privilege concept.
Yes i would like that also now on all my public ip's SMTP is active!
How can i enable Mail security only on 1 public ip address?