Postfix and Dovecot opened ports
Quite the old question, but my response might be useful for some anyway..
On Debian GNU/Linux 7.6 (wheezy), find version with lsb_release -a
, and Dovecot running 2.1.7, find version with dovecot --version
, to disable ports, you must edit the file /etc/dovecot/conf.d/10-master.conf
.
For example, if you only want to have pop3s (port 995), you should insert port=0
in all the relevant inet_listener sections.
Example code to allow only pop3s:
#/etc/dovecot/conf.d/10-master.conf
service imap-login {
inet_listener imap {
#address = none
#port = 143
port=0
}
inet_listener imaps {
#address = none
#port = 993
#ssl = yes
port=0
}
service pop3-login {
inet_listener pop3 {
#address = none
#port = 110
port=0
}
inet_listener pop3s {
#port = 995
#ssl = yes
}
}
Now, restart dovecot with sudo service dovecot restart
. You could run a port scan, with nmap against the network interfaces to verify that dovecot is no longer listening on the ports you wanted to disable.
Run nmap scan localhost
to scan local host, and nmap scan nnn.nnn.nnn.nnn
or nmap scan mail.mydomain.com
to scan the public facing network interfaces.
If you did everything as in this example, the ports 110 (pop3), 143 (imap),993 (imaps), should no longer be listed as open.