To make a long story short, in the past I used a hosting service. The email server was totally pwned by a Roundcube exploit from a hacker in a country I never occupied. Hence my advice to keep the server secure and reduce the attack surface.
Do hackers actually use their home ISPs? Yes if the country is basically lawless. You can't firewall your way to safety, but you can make these criminals do a little work.

I also maintain a file of server IP space. Some CIDRs are from the obvious big players. The rest are from hackers trying to mess with my web server. These CIDRs also can't access any email port other than 25.

The password guessers get anvil. I considered a fail2ban, but my passwords will not be guessed since they are randomly generated and high entropy. When I read the logs, most of the hackers are on Spectrum ISP, which is funny since Spectrum bans my VPS.

SPF, DKIM, and DMARC just make you look less spammy. You should set them up. This link will verify the settings.

https://dkimvalidator.com/

Original Message
From: [email protected]
Sent: November 25, 2019 9:48 PM
To: [email protected]
Subject: Re: how to setup a privacy oriented mailserver

On 25 Nov 2019, at 22:53, lists wrote:

> Security is privacy.

More precisely: Security includes privacy. Privacy is an essential *PART OF* security.

The remit requested by the OP is really too broad to answer on a public mailing list intended for discussion of a specific MTA (even though Postfix would be a likely component...) because it could have very different answers depending on the specific needs of a site and issues like scale, threat model, risk tolerances, and available resources.

--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
