[CentOS] IMAP security

Sat Mar 29 09:09:47 UTC 2008
Anne Wilson <cannewilson at googlemail.com>

On Friday 28 March 2008 21:14:25 mouss wrote:
> >> There are a number of things you can do to harden your security. You
> >> could set up an additional user account with nologin for email so if the
> >> username/password does get compromised it's limited to purely email. You
> >> could run imap services on a non-standard port (security through
> >> obscurity), or firewall the connection to only allow trusted IP
> >> addresses (works if you always conect from known trusted IP addresses).
> >> None of these solutions are perfect, so probably the best method is to
> >> encrypt the connection using SSl. See howto here (for postfix/dovecot):
> >>
> >> http://wiki.centos.org/HowTos/postfix_sasl
> >>
> >>    
> >
> > Thanks for the advice.  It helps a lot.
> >  
>
> Consider using imaps instead of imap. it's not hard to setup and it will
> prevent password sniffing as well as silly kiddie who only probe non ssl
> ports (my logs show a lot of 80, 21, 22, 110, 143 and currently not a
> single imaps).

I'll read upon it, thanks.

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20080329/a44d1705/attachment-0004.sig>