[Dovecot] how secure is Dovecot when exposed to the Internet?
10 Aug
2009
10 Aug
'09
8:55 a.m.
$ dovecot -n
1.1.11: /etc/dovecot/dovecot.conf
OS: Linux 2.6.28-11-server x86_64 Ubuntu 9.04
protocols: imap imaps managesieve
I need to make an IMAP (actually imaps) server available over the Internet. Unfortunately, VPN is not available (not all clients support VPN), so I will have to expose the imaps port to the Internet.
My question is: how reliable is Dovecot in such a setup? I am not talking about encryption (protecting the traffic between server and client). I am talking about having the daemon exposed to anything coming in from the Internet, buffer overflows and stuff like that.
What's the security history of this software in situations like this?
-- Florin Andrei
10 Aug
10 Aug
9 a.m.
9:09 a.m.
Timo Sirainen wrote:
OK, that's pretty convincing. Thanks.
-- Florin Andrei
5761
Age (days ago)
5761
Last active (days ago)
2 comments
2 participants
participants (2)
-
Florin Andrei
-
Timo Sirainen