> I believe that how to locking down an Imail server is a valid > question.
It's a valid question, in the sense that disabling all unnecessary services is a given. But there's nothing specific to IMail that can safely be recommended to a general audience, since mail servers often are enabled for file sharing, IIS, et al. in production environments, and everyone's mileage will vary depending on the use of mail within their organization and other purposes their mail servers may serve. > It shouldn't matter if your Imail server is in front of a firewall > or behind. It does matter to me, and this is exactly why I don't like the original question. To answer the question as-is is to imply that a mail server in front of a firewall is acceptable. I believe this is utterly irresponsible, as trying to harden an unprotected host is a waste of time at best, impossible at worst, and better translated into the expense of a firewall. > The server should be locked down. Not only will the server be more > secure and reliable, the server will run faster too. I don't think stopping unnecessary built-in services will ever prove more than a negligible performance enhancement in a basic Windows installation. RAM is cheap, and services that aren't in use aren't going to use much. Still, you're right, it should always be done to a practical extent. > I would think that Ipswitch support would have a recommended server > configuration for Imail. If you're really running a complete standalone, you could manage the running services AS IF if it is going to have, for instance, CheckPoint FW-1 on it, for which there are many guides on the Net. But this is not only idealistic, but is also just protection at the application level. You will have none of the DoS and spoofing protection of the software-based firewall, and whatever the stack can do on its own, it's still doing at the expense of other network services and far less efficiently than would a special-purpose firewall. -Sandy To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
