Fabio Milano wrote:
Hi,
Is the chkuser patch and smtp-auth installed by defualt. I need to do
anything to initialize these? (I used your install script)
Thank you for the wonderful answers, and this list really makes it
possible for people to get into Qmail-Toaster. The efforts of everyone
on this list is much appreciated.
As Erik also replied, they're on my default with Toaster. That's about
all you can really do for the Toaster package to make it secure. The
only other things I could recommend would be to write a good firewall
(or use Bastille or Shorewall or some other similar firewall-writing
tool), and disable root SSH login. Login using a user account and su to
root instead. That way even if someone guesses/cracks your user
password, they now have another step to take control of the server
(guess/crack root's password). Close any ports you're not using. If you
don't use IMAP, close the ports. If you don't server web pages
(including webmail), close port 80, and only open it when you want to
login the web interface to control QMail. Minor things, but the more you
shut down the less pin-holes there are for someone to try and peek through.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
