On 13/11/2021 23:16, Tyler Montney wrote:
With the world of ransomware as it is today (aka attacks seem more
vicious and commonplace), anything I expose to WAN must have additional
protection. I've seen a few posts to this list on it. The only thing
that helped was that Dovecot supports OAuth. Through OAuth I figure I
could implement MFA. However, I'd have to host my own identity server.
From there, Thunderbird supports OAuth so that should work.
Since this is getting increasingly complicated, I wanted to ask before
going further. What do you all do? Any recommendations?
May also consider black listing, or even better, white listing country
IPs. A white list firewall, if you only have to deal with certain
country for example, will also work extremely well and it is quite easy
to maintain and update as well as simple and fast and very effective.
And if you need sporadically to use it outside your white listing, VPN
works great.
