Void's Forums

Void Main's Beautiful Site

Skip to content

securing email server

Place to discuss Fedora and/or Red Hat
Post a reply

securing email server

Postby cdhgold » Wed Sep 26, 2007 11:40 am

i'm running a imap/pop3 server on rhel4 using dovecot/postfix/squirrelmail and i want to secure it but am not sure where to start .. any suggestions?

cdhgold
User avatar
cdhgold
administrator
administrator
 
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas
Top

Postby Void Main » Wed Sep 26, 2007 5:34 pm

Depends on who needs to connect to it and from where. Is it behind a hardware firewall or is it Internet facing with iptables? I would suggest encrypting all connections (imaps/pop3s/https) and restricting to as narrow of a scope of addresses as you can. It would also be best to require authentication for sending mail.
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Top

Postby cdhgold » Thu Sep 27, 2007 11:22 am

it is internet facing .. have not configured iptables yet .. i take it from your question i should do that before i deal with the email services?
User avatar
cdhgold
administrator
administrator
 
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas
Top

Postby Void Main » Thu Sep 27, 2007 12:37 pm

I would certainly make sure only necessary ports are exposed with iptables as a first step baseline. Then you have to make sure the services on the other end of the ports left exposed are as secure as you can make them.
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Top
Post a reply

Return to Fedora/Red Hat

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group
cron