[Dovecot] Dovecot security

Darac Marjal mailinglist at darac.org.uk
Wed Aug 14 12:17:12 EEST 2013


On Wed, Aug 14, 2013 at 06:12:02AM +0000, Jay Khashan wrote:
> Hi,
> 
> THIS IS URGENT 
> 
> I have Debian Linux machine which I installed as a mail server with postfix, and dovecot. my mail server is setup to use SMTP relay. I currently have ports 143, 995, 25 & SSMTP ports open. in the last few days I have been under attack where email is being sent to fake email address for example xxx at evg-mail.org which does not exist in the mysql db. 
> 
>  I need to figure out and lock down dovecot, because I believe the attack is some kind of virus /spyware. I need to know what statement in dovecot.conf or main.cf (postfix) I can modify to lock it down. Also open to install software to combat this kind of attack. Let me know what configuration files, info do you need to help out

I think it's probably going to be more effective to "lock down" postfix
(http://www.postfix.org/ADDRESS_VERIFICATION_README.html) than it is to
"lock down" dovecot
(http://wiki2.dovecot.org/Authentication/RestrictAccess).

I think, if you want to accept the mail but then refuse to store it,
you're looking at things from the wrong angle.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130814/d9cf9a03/attachment.bin>


More information about the dovecot mailing list