Date: Sat, 24 Feb 2007 00:17:00 +0800 From: David Schulz <mailinglists@tca-cable-connector.com> To: freebsd-security@freebsd.org Subject: Advice for Internet facing Mailserver Message-ID: <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.com> References: <8F62D3F1-B5AF-442F-B492-67D28FDCE9F0@tca-cable-connector.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello and good day, i have setup a Server which is directly connected to the Internet, without NAT-Router or other Firewall Appliance. I am using FreeBSD 6.2. I have pf enabled to only allow traffic on specified Ports. I am using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There is only one /home/User, which authenticates via a Key with Pass- phrase to sshd. The Mail-users all authenticate to a mysql database. I know that i could make use of chroot or better jail to secure the machine from possible exploits in postfix & co, but i am not yet comfortable with jail. Other then keeping my Ports (and system) up to date, can you give me some tips on how to secure my Box a little bit? Thanks a lot, David
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2FF03F09-23CA-44ED-87BA-673095FFE430>