Nigel Whitfield.

Re: Used to run my own mail server 6 or 7 years ago, but stopped

I agree; on the whole, I don't find that there's a huge number of attempts to do anything other than send mail through a mail server, and robust filtering can manage that pretty well.

While a system with a handy web-based config server is appealing, especially to the novice, the web server itself means there are more things open to attack. By starting with OpenBSD and adding only the things we want, there's far less of a surface for people to attack.

I don't believe I've ever seen a DoS against the mail server, and it's quite easy to limit concurrent connections if you do need to. The good thing about mail, of course, is that a properly configured sender will retry anyway.

Certainly, compared to the hammering you'll see the moment you have something listening on port 5060 (SIP) accessible from the internet, a mail system suffers very little. In theory, my phones are set up so people can call using my main email address via SIP. In practice, it lasted a couple of hours before I had to give that idea up and allow calls only via my SIP trunk provider.

