-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/07/07 13:57, Andrew Sackville-West wrote: > On Wed, Feb 07, 2007 at 12:20:47PM -0600, Ron Johnson wrote: >> On 02/07/07 11:31, Andrei Popescu wrote: >> >>> If I were to transform my firewall machine in a mailserver then IMAP >>> would be the best choice to access it. >> That's the *second worst* place to put it. >> > > please enlighten. I am in the process of re-examining my home lan. My > new mobo on the server includes to nic's so I am thinking of using my > server as the firewall as well... you seem, from the above, to think > this is a bad idea. I don't doubt that it is...
Machines exposed to the Internet should have as few services on them as possible. This reduces the threat "surface" (i.e., the number of available possible exploits. Thus, the device "you" should expose to Internet should only be a router+firewall and web cache (if needed). ssh on that box should only be visible to the LAN. Have the firewall *redirect* incoming imaps requests to your server. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFylkfS9HxQb37XmcRArPDAKDKreix8BZLz6MAlPTyJiyCVdiZDACgq2cJ qaV1OLWJT/o7MquFWd70QeQ= =o1jE -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]