10 Aug
2009
10 Aug
'09
9:55 a.m.
$ dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-11-server x86_64 Ubuntu 9.04 protocols: imap imaps managesieve
I need to make an IMAP (actually imaps) server available over the Internet. Unfortunately, VPN is not available (not all clients support VPN), so I will have to expose the imaps port to the Internet.
My question is: how reliable is Dovecot in such a setup? I am not talking about encryption (protecting the traffic between server and client). I am talking about having the daemon exposed to anything coming in from the Internet, buffer overflows and stuff like that.
What's the security history of this software in situations like this?
-- Florin Andrei