Re: Advice for Internet facing Mailserver

On Sat, Feb 24, 2007 at 12:17:00AM +0800, David Schulz wrote:
> Hello and good day,
> 
> i have setup a Server which is directly connected to the Internet,  
> without NAT-Router or other Firewall Appliance. I am using FreeBSD  
> 6.2. I have pf enabled to only allow traffic on specified Ports. I am  
> using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There  
> is only one /home/User, which authenticates via a Key with Pass- 
> phrase to sshd. The Mail-users all authenticate to a mysql database.   
> I know that i could make use of chroot or better jail to secure the  
> machine from possible exploits in postfix & co, but i am not yet  
> comfortable with jail. Other then keeping my Ports (and system) up to  
> date, can you give me some tips on how to secure my Box a little bit?
> 
> Thanks a lot,
> David

Hi David,

Perhaps the following URI would be of interest:
http://www.modsecurity.org/
I've been considering this tool myslef.  I am not using it as of yet.

Best Regards,

Duane
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"