25 Feb
2009
25 Feb
'09
12:54 a.m.
Sendt: Tue, 24 Feb 2009 22:28:07 +0100 (CET) Fra: "Daniel Aleksandersen"
I am just experimenting with seting up my own email server. I want some tips and hints on how to secure my setup to prevent unauthorised assess to my email. I have read through the wiki and have not found many tips. I hope to improve the wiki with tips gathered from the emailing list. :-) A basic measurement I could take right now would be to set more secure file premissions on my setup. My setup is based on http://wiki.dovecot.org/HowTo/VirtualhostingWithExim with a few addittions: fetchmail and exim4 deliver mail to my maildir and dovecot grants me access through imap. dovecot authenticates against /home/postmaster/passwd.digest and ./passwd.cram
I have tried different options on my maildirs. Dovecot gives me permission errors unless I set it to 775. I have seen that many mention 660 as the best permission setting for maildirs when used in setups similar to my own. Can anyone explain why my maildir must be executable and accessible to everyone?
Daniel