Mailing List Archive


Re: tlug: Re: A myriad of mailers



>>>>> Howard Abbey writes:  (on 11 Mar 99)

> So, on a site not well administered (my personal one, which will
> have a full time net connection in the fall for the first time),
> which is the safer option in people's opinion.  Sendmail configured
> by a distributor with current updates, or qmail (distributor configured,
> if that's available), or postfix, or whatever.

Personal taste time, for sure.  Full time connection increases your
exposure, but you need to do your own risk analysis.  Me, I don't worry
too much about people hacking my personal machine (not much of interest
on it, and not much of a vicarious thrill in crashing/thrashing a
machine with only one user, of course, if I've *really* pissed someone
off recently .... :-).

The simplest answer is to strip out every unneeded network service
*including* smtp.  If you POP/IMAP down all your mail from your
provider there is no reason you have to run a smtpd at all.  Just use
sendmail to send outgoing mail and don't run it as a daemon (the "-bd"
option iirc).  Your MUA likely fires up a new instance of sendmail each
time it sends a mail message anyway (rather than speaking SMTP to a port
directly).  If you don't listen on port 25, nobody can attack you on it.

Only problem (minor) is if you use fetchmail to retrieve your mail.  By
default it delivers to the SMTP port.  I believe it can be configured to
deliver to a sendmail process (or qmail-inject, for that matter).
Though I've never tried it myself.

When I get my full-time DSL connection (just a dream at the moment,
sigh) I'll probably do a draconian purge of inetd.conf, and only allow
incoming ssh.  I will want to allow incoming SMTP though, and I'm more
than comfortable letting qmail do the job for me (which I can't say
about sendmail).  Partly personal biases, partly training/familiarity
(haven't mucked with sendmail in a long time, haven't mucked with
postfix/exim/whatever at all), mostly due to design decisions and brief
perusal of the code.  I'd encourage you to read the FAQ, INTERNALS, and
SECURITY documents that come with the qmail distribution, as well as
documents on djb's web site to form your own opinion.

Regards,
-- 
Rex
-------------------------------------------------------------------
Next Nomikai: March 19 (Fri), 19:30  Tengu TokyoEkiMae 03-3275-3691
Next Technical Meeting: April 10 (Sat), 12:30   place: Temple Univ.
-------------------------------------------------------------------
more info: http://tlug.linux.or.jp                     Sponsor: PHT
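
The inetd.conf purge described in the message above can be checked mechanically. The following is an added example, not part of the original post: it lists every entry still enabled in an inetd.conf-style file that is not on an allowlist. The function names and the sample file contents are constructed for illustration, and the allowlist "ssh smtp" simply mirrors the two services the message says it would keep.

```shell
#!/bin/sh
# Added example (not from the original post).

# sample_conf: print a CONSTRUCTED inetd.conf for demonstration.
# Fields: service socket-type protocol wait/nowait user server-program [args]
sample_conf() {
cat <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
ssh     stream  tcp  nowait  root    /usr/sbin/sshd  sshd -i
smtp    stream  tcp  nowait  qmaild  /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd

finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
daytime dgram   udp  wait    root    internal
EOF
}

# audit_inetd ALLOWED...
# Reads an inetd.conf on stdin and prints "service/protocol" for every
# active (uncommented) entry whose service name is not in ALLOWED.
# Exit status: 0 if nothing unexpected is enabled, 1 otherwise.
audit_inetd() {
    awk -v allowed=" $* " '
        NF == 0 || $1 ~ /^#/ { next }   # blank lines and commented-out entries
        NF < 6               { next }   # not a complete inetd entry
        index(allowed, " " $1 " ") == 0 {
            print $1 "/" $3             # enabled but not allowlisted
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Demo on the constructed sample; on a real host use: audit_inetd ssh smtp < /etc/inetd.conf
sample_conf | audit_inetd ssh smtp || echo "entries above are enabled but not allowlisted"
```

This only covers services launched by inetd; a standalone daemon such as sendmail started with -bd does not appear in inetd.conf and has to be checked separately.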

