[Wylug-help] Security log message
Jim Jackson
jj at franjam.org.uk
Mon Mar 10 08:13:44 GMT 2008
On Sun, 9 Mar 2008, John Hodrien wrote:
>
>> This is a new situation to me as I've not used imap from outside until
>> recently, so all help is most gratefully received.
>
> I wouldn't treat this differently to having ssh accessible externally.
>
Or indeed ANY service :-)
I've run an IMAP service from my home server for several years now.
I have no restricitions to hte service other that the standard IMAP login.
I've monitored all imap connections, successful and failed, in that time and I
get about 2 or 3 "pokes" from unknown people a week. Most are port scans, I
see pokes at ssh too. Only very ocassionally do I see someone actually trying
to login, and I've seen no pattern in the login names used.
Compared with the regular unremitting attempts at hacking my web server, and
the regular pokes at ssh, the IMAP "attacks" are pretty tame.
Just make sure your IMAP server is fully uptodate and patched - which of
course is a given :-)
Jim
More information about the Wylug-help
mailing list