On Sun, Oct 12, 2003 at 17:12:43 +0200, David Fokkema wrote: > So I decided to run eximconfig and upgraded my mail server to not use a > smarthost. Works perfectly! I still have port 25 closed on my server, > however. Can I just open it
Perhaps you should first ask yourself why you would want to have it open. Is there a specific need for this system to receive mail from the outside world using SMTP? If so, you need to have it open. If not, there is no reason to give a cracker, or a piece of malware another potential point of entry into your system. > or are there things to worry about? With a security hat on, there are always things to worry about. It's a matter of degree. Exim has a very good security track record compared to e.g. sendmail, but (potential) issues have been found and fixed (see http://www.debian.org/security/2003/dsa-376). I'm happily using exim3 and exim4 on woody and sid systems. Still, on systems that don't need a full-blown MTA, I use ssmtp (as it is much smaller and simpler) and on systems that need a more complete MTA but don't need to receive mail, I use exim listening on localhost only. HTH, Ray -- We do not worry about Microsoft developing Open Source applications. Their revenue stream is based on a heroin addiction of selling ever more software. Red Hat's Bob Young quoted in http://www.theregister.co.uk/content/1/11321.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]