How to send email without receiving it



I’m running a custom web server on a SSD VPS.

It binds to port 80 (I moved the DreamHost stuff to port 81, although I’d prefer nothing at all there.)

Once in a blue moon, this web server needs to send email to me. So, I run postfix on the instance (the one that comes from Dreamhost)

But, looking in the logs, I can see lots of third parties (spam crawlers) trying to send email into my host (even though it’s not an MX for any domain.) I would like to not accept incoming mail requests, but still run postfix MTA for outgoing email (that relays through dreamhost.)

The “hammer” approach is to block the SMTP port (587 and 465 and 25.)
But “iptables” isn’t available.
I also get a bunch of errors about postfix/anvil not being available in syslog, which is spammy – I don’t want these. Where are they coming from?

Dec 30 20:53:29 ps498885 postfix/smtpd[1877]: warning: connect to private/anvil: Connection refused Dec 30 20:53:29 ps498885 postfix/smtpd[1877]: warning: problem talking to server private/anvil: Connection refused Dec 30 20:53:29 ps498885 postfix/smtpd[1877]: lost connection after RCPT from[] Dec 30 20:53:29 ps498885 postfix/smtpd[1877]: disconnect from[]

I also have tons of spam in syslog that seems to come from the DreamHost monitoring system, rather than from my own services:

Dec 30 20:58:01 ps498885 CRON[7480]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 20:59:01 ps498885 CRON[8749]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:00:01 ps498885 CRON[9769]: (root) CMD (ps -p `cat /var/run/ 2>/dev/null` > /dev/null 2>&1 || /etc/init.d/ndn-sec start) Dec 30 21:00:01 ps498885 CRON[9770]: (root) CMD (/usr/local/bin/safetynet > /dev/null 2> /dev/null) Dec 30 21:00:01 ps498885 CRON[9771]: (root) CMD (perl /usr/local/dh/bin/ > /dev/null 2>&1) Dec 30 21:00:01 ps498885 CRON[9772]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:01:01 ps498885 CRON[14031]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:02:01 ps498885 CRON[14849]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:03:01 ps498885 CRON[15712]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:04:01 ps498885 CRON[16720]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:05:01 ps498885 CRON[18086]: (root) CMD (ps -p `cat /var/run/ 2>/dev/null` > /dev/null 2>&1 || /etc/init.d/ndn-sec start) Dec 30 21:05:01 ps498885 CRON[18089]: (root) CMD (perl /usr/local/dh/bin/ > /dev/null 2>&1) Dec 30 21:05:01 ps498885 CRON[18090]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1) Dec 30 21:05:01 ps498885 CRON[18087]: (root) CMD (touch /tmp/croncheck.tmp) Dec 30 21:06:01 ps498885 CRON[20526]: (root) CMD (touch /tmp/croncheck.tmp)

I’d also like to not have all of that to sift through when looking for the actual performance of my system. (Why is there an apache check? I don’t even run apache!)

So, how can I configure this server to do the right thing?
Also, I can’t seem to run tcpdump on my local interface, which makes it even harder to diagnose things.

Also, rsyslog seems to listen to port 33224 on all the interfaces? Is this exposed to the world?