23 Jul
2008
23 Jul
'08
8:05 p.m.
Why this? I do this with iptables. Hm. Mainly because I find hosts.{allow,deny} easier to handle in this case than (i)pf.conf. It's also somewhat more staightforward to maintain a single pair of hosts.* files consistent accross all mail servers than to deal with individual packet filter rules. And, if you like to, you can do more elaborate things with tcp wrappers than what I mentioned (and currently need).