So, the main thing is that the control server is where the messages for distribution are directed – think of it as the SMTP server. It’s the web server which directs those responses to its clients (the POP3/IMAP equivalent end).

As such, the control end should be controlled. In a larger environment, they would be on an RFC1918 address, unroutable to the public, but in this position, where the messages are generated locally for delivery, it makes sense to me to effectively firewall them off, by making it so only the processes running locally on the host can see them – hence binding the control server to 127.0.0.1.

I know you said it’s not relevant, but I just wanted to expand and clarify why it wasn’t.