Public bug reported:

At the moment, an apt-get install postfix has Internet Site as the default, which leaves postfix running and listening on all interfaces. I'm aware of some history around this, i.e. bug 29741, but I don't think that rationale actually makes sense.

We should listen on localhost for the default installation path, i.e. Local Only should be the default. There are two important reasons why listening on localhost only is sensible:

1. MTA interactions are "stateful", and by this I mean: once an email server is listening as an MX, a transmitting MTA will consider answers from it definitive. If the MX says the user doesn't exist, or otherwise rejects the email, then that is final.

2. Once you run an MTA on a public interface on a public host, such as on a public cloud instance, it is immediately available to probing and attacking.

The first is actually what bit me personally -- I have a highly customized setup, with vhosts, LDAP, etc., and I couldn't figure out

Others have discussed this in the past, including https://major.io/2015/10/14/what-i-learned-while-securing-ubuntu/

** Affects: postfix (Ubuntu)
   Importance: Undecided
   Status: New

https://bugs.launchpad.net/bugs/1860315

Title: Default installation should be Local Only
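
A defender-side check for the setting this report is about, as an added example (not part of the bug report or of the postfix package): it reads a main.cf and reports whether inet_interfaces keeps SMTP on loopback. It assumes the parameter's built-in default is "all" and that "localhost" resolves to loopback; the function names and the sample configuration are constructed for illustration.

```shell
# Added example: report whether a Postfix main.cf binds SMTP to loopback only.

# Print the effective inet_interfaces value. main.cf rules applied: "#" and blank
# lines are skipped, leading whitespace continues a line, the last assignment wins.
effective_inet_interfaces() {
    awk '
        function handle(line,   i, name, value) {
            i = index(line, "="); if (i == 0) return
            name = substr(line, 1, i - 1); value = substr(line, i + 1)
            gsub(/[ \t]+/, "", name)
            gsub(/[ \t,]+/, " ", value); gsub(/^ | $/, "", value)
            if (name == "inet_interfaces") { seen = 1; result = value }
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { logical = logical " " $0; next }
        { if (logical != "") handle(logical); logical = $0 }
        END {
            if (logical != "") handle(logical)
            print (seen ? result : "all")   # unset means the built-in default
        }
    ' "$1"
}

# Print "local-only", "exposed" or "unknown" for the given main.cf.
smtp_exposure() {
    value=$(effective_inet_interfaces "$1") || return 2
    verdict=local-only
    [ -n "$value" ] || verdict=unknown      # empty value: not classified here
    set -f                                  # keep "[::1]" from acting as a glob
    for item in $value; do
        case $item in
            loopback-only|localhost|127.*|::1|'[::1]') ;;   # loopback forms
            *) verdict=exposed ;;           # all, other addresses, $variables
        esac
    done
    set +f
    echo "$verdict"
}

# Constructed sample: an early "all" overridden by a later multi-line value.
sample_main_cf() {
    cat <<'EOF'
myhostname = mail.example.test
inet_interfaces = all
inet_interfaces = 127.0.0.1,
    [::1]
EOF
}
```

On a real host, smtp_exposure /etc/postfix/main.cf gives the configured intent; comparing it with the listening sockets on port 25 confirms what the running daemon actually bound.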