[Gllug] Mail servers

Jim Bailey gllug at freesolutions.net
Tue Sep 30 13:50:23 UTC 2003


On Sep 30, 01:20, Doug Winter wrote:
> On Tue 30 Sep Jack Bertram wrote:
> > [1] I'm not entirely sure I know what "secure" means in this context,
> > even, except that POP3 is supposed to be an insecure protocol and I
> > don't want my server to be cracked because I'm running one additional
> > service.
> 
> POP3 is no less secure than IMAP.  They are both insecure inasmuchas
> passwords go over the wire in plain text.
> 
> If you want this kind of security, you'll need to SSL enable them -
> instructions for doing this to uw-imap come with the source distribution
> iirc.

Creating a secure mailserver is no trivial matter.  If you just want to
make sure that you are not an open relay then that fairly straight
forward.  However if you are talking about chrooting the smtpd and
pop/imapd, sasl auth, TLS, virtual mail users, even SE-linux and
mandatory ACL then it going to be a long and difficult learning and
configuration process.  Take a look at the link below if you fancy it.
;)

http://www.gentoo.org/doc/en/virt-mail-howto.xml

It is your setup but it should give you an idea of what is involved

Peace Jim
-- 
Are introverts arrogant? Hardly. I suppose this common misconception has
to do with our being more intelligent, more reflective, more
independent, more level-headed, more refined, and more sensitive than
extroverts.
 -- Jonathan Rauch

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list