[CentOS] courier mail for Centos

Thu Dec 6 16:13:55 UTC 2012
Robert Moskowitz <rgm at htt-consult.com>

On 12/06/2012 10:57 AM, Les Mikesell wrote:
> On Thu, Dec 6, 2012 at 9:49 AM, Giles Coochey <giles at coochey.net> wrote:
>> On 06-12-2012 15:41, Les Mikesell wrote:
>>> On Thu, Dec 6, 2012 at 9:13 AM,  <m.roth at 5-cent.us> wrote:
>>>> Disabling selinux, or at least setting it to permissive, I agree
>>>> with.
>>>> Turning down your firewall?! Anyone suggesting that is, IMO, either
>>>> a)
>>>> clueless, or b) a malware user/vendor trying to make life easier.
>>>> Can
>>>> anyone think of any other possibilities?
>>> Someone with good site and subnet-level hardware firewalling.  And a
>>> good feeling that all the bad guys are on the other side of the
>>> firewalls.
>> Filtering Inbound Firewalls are generally useless if the user of the
>> system doesn't know what they're doing. A lot of intrusions these days
>> are the result of inbound policy permitted traffic in causing someone to
>> initiate an outbound connection that gets them hacked.
> And you expect someone to be better at stopping this with iptables and
> a 'howto' than dedicated hardware and vendor training/support?

And outbound rule writing is very hard, as you have to sniff out traffic 
many times to figure out why an app is failing and then write a rule to 
allow that app out.