Secure SMTP and IMAP, with bastille

Secure SMTP and IMAP, with bastille

Post by shaundurn » Tue, 06 Aug 2002 22:09:48



I am relativly new to posting and hope you will forgive any blunders

I have a RH7.2 internet server, using DSL Non-Nat internet connection

I use bastille as a firewall, and currently only allow ssh coming in

I need to install a mail server on this machine, that will accept smtp
from an upline server

and allow IMAP (or pop) access from both internal and external sources

I want to ensure I dont get hacked (again)

I was thinking of using POSTFIX as the smtp server and Courier for IMAP
or maybe qpopper4

Can anyone tell me if these choices are good or not

Thanks

SHaun

 
 
 

Secure SMTP and IMAP, with bastille

Post by those who know me have no need of my nam » Wed, 07 Aug 2002 05:26:22


in comp.os.linux.security i read:

Quote:>I want to ensure I dont get hacked (again)

can't be done.  do what you can to prevent it, but be prepared for re-
installing when it happens.  by that i mean that you should certainly only
relax your packet filters so that the protocols necessary are allowed, in
this case smtp, imap and (maybe) pop.  and you should keep up on security
issues with any of the software which handles network connections,
including (but not limited to) the kernel, and the smtp, imap and pop
software.  and do what you can to monitor for break-in's.  but you also
need to admit that `shit happens', so make regular backups and if/when you
are penetrated take steps as soon as possible, e.g., even if an important
message is being sent shutdown the imap and pop services immediately then
disconnect the network as soon as `the message' has been sent.  the backups
need only be of important data, such as the mailboxes.  don't use the
programs from the backups (install from safe media), and be wary of
configuration data.

--
bringing you boring signatures for 17 years