Postfix and Dovecot opened ports

Quite the old question, but my response might be useful for some anyway..

On Debian GNU/Linux 7.6 (wheezy), find version with lsb_release -a, and Dovecot running 2.1.7, find version with dovecot --version, to disable ports, you must edit the file /etc/dovecot/conf.d/10-master.conf.

For example, if you only want to have pop3s (port 995), you should insert port=0 in all the relevant inet_listener sections.

Example code to allow only pop3s:

#/etc/dovecot/conf.d/10-master.conf    

service imap-login {
      inet_listener imap {
        #address = none
        #port = 143
        port=0
      }
      inet_listener imaps {
        #address = none
        #port = 993
        #ssl = yes
        port=0
      }


    service pop3-login {
      inet_listener pop3 {
        #address = none
        #port = 110
        port=0
      }
      inet_listener pop3s {
        #port = 995
        #ssl = yes
      }
    }

Now, restart dovecot with sudo service dovecot restart. You could run a port scan, with nmap against the network interfaces to verify that dovecot is no longer listening on the ports you wanted to disable.

Run nmap scan localhost to scan local host, and nmap scan nnn.nnn.nnn.nnn or nmap scan mail.mydomain.com to scan the public facing network interfaces.

If you did everything as in this example, the ports 110 (pop3), 143 (imap),993 (imaps), should no longer be listed as open.

Postfix and Dovecot opened ports

Tags:

Postfix

Dovecot

Related

Recent Posts