On Debian Sid i have seen that ufw service is stopped on logrotate!!
Its a bad known bug!
Workaround:
- Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet
- Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2)
- Disable unneeded Services ! like Samba, FTP…
- move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !!
- edit /etc/ufw/ufw.conf set LOGLEVEL to “off”
- restart the Server and check open Ports next Days from outside with:
$sudo nmap -PN my.server.com