However, you SHOULD IMHO lock the access so it has to be manually opened for each user that wants it. Another way is to do a PTR lookup on IP and [DROP] the packet if its not a google IP.
And then have a IP restriction on IMAP and also 587/SMTP Auth. This because there is bots out there that guess passwords and then send spam. By locking access for POP3 by Google IP, you ensure it can only be used with the fetch feature of Gmail (which do have account-wise rate-limits to prevent password hacking). In this way, you increase security. Of course it must be combined with IP restrictions and firewalling for IMAP and Auth on 587 aswell. -----Ursprungligt meddelande----- Från: dovecot-boun...@dovecot.org <dovecot-boun...@dovecot.org> För Harlan Stenn Skickat: den 2 mars 2022 01:15 Till: Peter <pe...@pajamian.dhs.org>; dovecot@dovecot.org Ämne: Re: Does disabling POP3 just mean removing it from the protocols list? The reason to support POP3 is that if you forward email to another account and that includes any spam, you are gonna get dinged. If folks want to read their email from gmail, they really need to suck that email over via POP to avoid this problem. H On 3/1/2022 3:13 PM, Peter wrote: > The only modern reason I can think of to continue to support POP3 is > that gmail's email fetch feature only works over POP3, so if you want > people to be able to import their email from your server to gmail or > google workspace then you should probably continue to support POP3. > > > Peter > > > On 2/03/22 10:54 am, Sean McBride wrote: >> Hi all, >> >> Hopefully a simple question. If I want to disable POP3 support >> (because everyone is using IMAP anyway), it is just a matter of >> removing |pop3| from the |protocols| setting in dovecot.conf? >> >> Are there side effects or other considerations I should be aware of? >> >> Thanks, >> >> Sean >> >
