/dev/rob0 Need to secure up server. But want to use qmail sending and php mx functions

Jan Engelhardt jengelh at linux01.gwdg.de
Wed Aug 24 07:58:09 CEST 2005


>Experiment with LOG rules to see what other external connections are 
>being initiated. Perhaps you will find that your PHP has already been 
>0wn3d. ;)

... which led me to use
 -t filter -A OUTPUT -m owner --uid-owner wwwrun -p tcp --dport 25 -j REJECT

if someone really wants a mail-sending forum or stuff, that particular 
company/etc. will have to provide two servers for 80/25 :P But for 
"just webpages, but with PHP" this seems ideal.



Jan Engelhardt
-- 



More information about the netfilter mailing list