Advice for Internet facing Mailserver
Bob Madore
bob at dexis.net
Sat Feb 24 18:29:04 UTC 2007
Another program to consider is DenyHosts
http://denyhosts.sourceforge.net/
It works exceptionally well.
Bob
Derek Ragona wrote:
> You might want to use /etc/hosts.allow to restrict some protocols
> further.
>
> -Derek
>
>
> At 10:17 AM 2/23/2007, David Schulz wrote:
>> Hello and good day,
>>
>> i have setup a Server which is directly connected to the Internet,
>> without NAT-Router or other Firewall Appliance. I am using FreeBSD
>> 6.2. I have pf enabled to only allow traffic on specified Ports. I am
>> using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There
>> is only one /home/User, which authenticates via a Key with Pass-
>> phrase to sshd. The Mail-users all authenticate to a mysql database.
>> I know that i could make use of chroot or better jail to secure the
>> machine from possible exploits in postfix & co, but i am not yet
>> comfortable with jail. Other then keeping my Ports (and system) up to
>> date, can you give me some tips on how to secure my Box a little bit?
>>
>> Thanks a lot,
>> David
>> _______________________________________________
>> freebsd-security at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-security
>> To unsubscribe, send any mail to
>> "freebsd-security-unsubscribe at freebsd.org"
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>> MailScanner thanks transtec Computers for their support.
>>
>
More information about the freebsd-security
mailing list