The previous scheme had a serious limiting factor: many server programs insist on listening on a network port. However, they almost always allow that port to be relocated. In this scheme, the server's socket is moved to a different port, and ProtoWrap listens for communication on the server's original port. The author strongly recommends adding local firewalling rules to prevent any direct external communication with the actual server's port.
With this setup, we have:
Server's /etc/rc.local includes:

    /sbin/ipchains -A input -d 192.168.0.1/32 --proto tcp --destination-port 10025 -j REJECT
    /usr/local/bin/smtpwrap &

Server's /etc/sendmail.cf includes:

    # SMTP daemon options
    O DaemonPortOptions=Port=10025

Server's /usr/local/bin/smtpwrap:

    #!/usr/bin/perl
    use ProtoWrap::SMTP;
    use strict;
    my ($wrap);

    # Listen on the server's original SMTP port (25) and hand connections
    # to the relocated sendmail on the loopback address, port 10025.
    $wrap = ProtoWrap::SMTP->new('standalone' => 1,
                                 'listenPort' => 25,
                                 'destType' => 'ip',
                                 'destAddr' => '127.0.0.1',
                                 'destPort' => 10025,
                                 'logLevel' => 3,
                                 'maxMsgSize' => 3000000,
                                 'relayDomainList' => ['mydomain.com'],
                                 'maxRcpt' => 10,
                                 'setUidTo' => 32767
                                 );
    die 'Can\'t start SMTP wrapper' if (not defined $wrap);
    $wrap->startServer() or warn 'Can\'t start wrapper for '.$wrap->getProp();
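
The three files above only protect the server if they agree on the relocated port. The following consistency check is an added example, not part of ProtoWrap or of the original text; the function names are hypothetical, the inputs are constructed copies of the files shown above, and the loopback check assumes the wrapper and the server run on the same host, as in this setup.

```python
import re

# Constructed inputs mirroring the three files on this page (wrapper trimmed to its routing options).
RC_LOCAL = """/sbin/ipchains -A input -d 192.168.0.1/32 --proto tcp --destination-port 10025 -j REJECT
/usr/local/bin/smtpwrap &
"""
SENDMAIL_CF = """# SMTP daemon options
O DaemonPortOptions=Port=10025
"""
SMTPWRAP = """$wrap = ProtoWrap::SMTP->new('standalone' => 1,
    'listenPort' => 25, 'destType' => 'ip',
    'destAddr' => '127.0.0.1', 'destPort' => 10025);
"""

def wrapper_props(perl_src):
    """Scalar 'key' => value pairs from the wrapper's new() call."""
    return dict(re.findall(r"'(\w+)'\s*=>\s*'?([\w.]+)'?", perl_src))

def sendmail_port(cf):
    """Port on the active (uncommented) DaemonPortOptions line, or None."""
    m = re.search(r"^O\s+DaemonPortOptions=.*?\bPort=(\d+)", cf, re.M)
    return int(m.group(1)) if m else None

def blocked_ports(rc):
    """TCP destination ports that an ipchains input rule rejects or denies."""
    ports = set()
    for line in rc.splitlines():
        if line.lstrip().startswith("#") or not re.search(r"ipchains\s.*-A\s+input\b", line):
            continue
        port = re.search(r"--destination-port\s+(\d+)\b", line)
        if port and re.search(r"-j\s+(REJECT|DENY)\b", line):
            ports.add(int(port.group(1)))
    return ports

def audit(rc, cf, wrap_src):
    """Return a list of inconsistencies; an empty list means the files agree."""
    props, backend, problems = wrapper_props(wrap_src), sendmail_port(cf), []
    if backend is None:
        return ["sendmail.cf has no active DaemonPortOptions Port; sendmail keeps port 25"]
    if str(backend) == props.get("listenPort"):
        problems.append("sendmail and the wrapper both want port %d" % backend)
    if props.get("destPort") != str(backend):
        problems.append("wrapper forwards to port %s, sendmail listens on %d"
                        % (props.get("destPort"), backend))
    if not props.get("destAddr", "").startswith("127."):
        problems.append("wrapper destAddr is not loopback; the REJECT rule may block it")
    if backend not in blocked_ports(rc):
        problems.append("no ipchains rule blocks direct access to port %d" % backend)
    return problems

if __name__ == "__main__":
    print(audit(RC_LOCAL, SENDMAIL_CF, SMTPWRAP) or "configuration is consistent")
```

An empty result means sendmail's port, the wrapper's destination and the firewall rule all refer to the same relocated port.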