[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] Re: Mail server
* Richard Ibbotson (richard [at] sheflug.co.uk) wrote:
> Richard
>
> > They do?
> > That sounds.... errrr.. less than correct to me.
> > Sure Sendmail has a long history of it, and Exim has had it's
> > problems. But Postfix? being known as one of the (along with Qmail)
> > most secure MTA's around, and with no serious (or even not so
> > serius bugs) that I can remember right now.
>
> I get loads of e-mail all the time from people who use MTAs at home.
> They constantly tell me that they are being hacked through BT's
> exchange through a dialup connection. Mostly to do with Sendmail and
> more recently the Exim break ins.
>
Yes, I was just saying that saying Postfix has many security holes,
isn't correct (or if it does, bugtraq makes no mention of them, and I have
never heard of them).
> Most of the security sites that I've seen on the net are to do with
> large servers that are always connected.
>
There principles are the same, if you ignore the sections about hundreds
of local users, etc.
You just have to adapt some things to cope with dynamic IPs etc.
> The home dialup user is not catered for. We *do_not* form a part of
> the world of the system admin. I've seen loads of comments on the
> net that say that the dialup user can " go frig ".
>
> End of story.
Oh I know.. and I agree with you.
And with the proliferation of DSL, and Cable in the states, It's
expected to some degree, that even home users have a reasonable amount
of bandwidth, and permanent connections.
But most of the stuff still applies, though maybe in need of tweaking a
little.
It isn't the job of the exchange, or your ISP to filter traffic.
And, after reading many arguments, and complaints by users of american
ISPs who had port 80 filtered, in an attempt to stop Code Red, many many
people, don't want their ISP filtering their traffic.
But there are equally vocal groups who want some services filtered at
the ISP (netbios and rpc mainly).
The general fact is, most of the scans to your system, are script
kiddies with very little knowledge of what they are doing, scanning
subnets for systems that their scripts will exploit, there's not real
motivation to attack *your* machine, just any machine they can.
Keep up to date with patches, put a decent packet filter between you and
them, and do all the other stuff security docs recommend.
--
[ Richard Lowe - richlowe - richlowe [at] richlowe.demon.co.uk ]
[ http://www.snowman.net/~richlowe/ ]
___________________________________________________________________
Sheffield Linux User's Group - http://www.sheflug.co.uk .
To unsubscribe from this list send mail to
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.