On 2/28/2013 12:50 PM, peter lawrie wrote:
Hi, I have been asked to configure a dedicated rhel6 server for a customer. I did not realise when I took this on how complicated it was going to be! The purpose of the server is to host a group of websites for small businesses. It came with postfix-2.6.6-2.2, dovecot-2.0.9 and mysql-2.1.67-1. I have installed virtualmin 3.98, usermin1.540-1 and horde 5. About a dozen currently inactive websites have been set up; mail is in /home/<domain>/Maildir. My problem is that I can telnet to postfix to send and receive emails and can see these within postfix in webmin. I have been having many problems getting dovecot to connect successfully to postfix. I have also installed horde 5, which requires to authenticate to an imap server - that is dovecot. This one server is intended to provide all services, so plain authentication is fine.
Do consider that since you have been tasked with setting up the server, you are responsible for doing it correctly. I see this configuration all the time and it is why so many servers get hacked.
Only necessary services should be run in a single environment. The problem is that the more services that are run together, the more likely one will be found with a flaw, which then can be exploited to take down the whole server. It does no good to run Dovecot in a chroot jail when Apache has access to the whole filesystem.
Best: separate hardware - one web server, one DNS server (if you need to run DNS), one mail server, one SQL server, etc.
Good: some virtualizer, like Xen, and run virtual instances of each of the above.
OK: run all server daemons carefully chroot jailed, with no common filesystem sharing. Interprocess communication can easily be accomplished via sockets.
Bad: Run everything in a big soup.
The trap is that for a small company, the belief is that no one wants to target them. That may be true, sort of, but opportunistic hackers will take any third party machine because it gives them anonymity when attacking other more valuable targets. Put a sniffer on your Internet connection and you will see an average of three attacks / scans / probes per minute.
As Simon and Reindl have already covered some of your configuration questions, I will not repeat their answers.
Best of luck.
Dem