securing email server

Place to discuss Fedora and/or Red Hat
Post Reply
User avatar
cdhgold
administrator
administrator
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas

securing email server

Post by cdhgold » Wed Sep 26, 2007 11:40 am

i'm running a imap/pop3 server on rhel4 using dovecot/postfix/squirrelmail and i want to secure it but am not sure where to start .. any suggestions?

cdhgold

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Wed Sep 26, 2007 5:34 pm

Depends on who needs to connect to it and from where. Is it behind a hardware firewall or is it Internet facing with iptables? I would suggest encrypting all connections (imaps/pop3s/https) and restricting to as narrow of a scope of addresses as you can. It would also be best to require authentication for sending mail.

User avatar
cdhgold
administrator
administrator
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas

Post by cdhgold » Thu Sep 27, 2007 11:22 am

it is internet facing .. have not configured iptables yet .. i take it from your question i should do that before i deal with the email services?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Thu Sep 27, 2007 12:37 pm

I would certainly make sure only necessary ports are exposed with iptables as a first step baseline. Then you have to make sure the services on the other end of the ports left exposed are as secure as you can make them.

Post Reply