If the info in the wiki isn't clear or doesn't work, how about we do something to fix it up? Which page? What's unclear or doesn't work?

Feel free to jump right in and edit it. It only gets better if/when we take the time to fix it.

Todd Beckstead wrote:
I struggled with getting the info in the wiki to work for me too. Here's
a link to something that finally worked for me on my CentOS 5.4. I used
the info in Section 2.

http://wiki.centos.org/HowTos/Https

Good luck!
Todd

-----Original Message-----
From: madmac [mailto:sysad...@tricubemedia.com]
Sent: Tuesday, April 13, 2010 4:01 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Re: spam

Ok Guys n Gals

I have rebuilt a new toaster on VM, from scratch, using the CentQMT5-1.2.0.iso.
I am going to make this an SSL-only, secure qmail server, if it kills me,
as my current server is compromised as previously posted.

Tried many sites to get a "self signed" ssl cert installed for
testing,
even here on the wiki: http://wiki.qmailtoaster.com/index.php?title=Certificate&printable=yes
In there is a line that says you can self sign:
  NOTE - For reference, here is the command to sign the request for
  a self signed certificate:
    openssl x509 -req -days 365 -in servercert.csr -signkey servercert.key -out servercert.crt
Can the poster or anyone else confirm that they have managed to get it
to work?

Or can anyone else help me get this installation secured?
I have added all the usual: clamav, spamassassin and spamdyke; also have
a huge blacklist of IPs and spammers (from another source).
I have disabled root to ssh, and changed the ssh port also, modified the
firewall to suit.

When all this is done I will also add "fail2ban", as suggested by Jake,
and any hints on installing and configuring that would also be helpful.

Notes
Previously tried but failed to get https://ipaddress/webmail to work,
even added what was suggested:
add these lines to your /etc/http/squirrelmail.conf file:
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R]

Restarted apache also.

When I have done all the testing to confirm security, I will make it
(the VM) available.

Thanks all:
madmac


----- Original Message -----
From: "madmac" <sysad...@tricubemedia.com>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Friday, April 09, 2010 2:28 PM
Subject: Re: [qmailtoaster] Re: spam


Thanks Eric and Jake,

Will test fail2ban also on a VM


----- Original Message -----
From: "Eric Shubert" <e...@shubes.net>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Friday, April 09, 2010 10:09 AM
Subject: [qmailtoaster] Re: spam


You should secure squirrelmail so that it only runs with https, so that
passwords are not sent in the clear. To do so, configure apache with a
valid cert (see http://wiki.qmailtoaster.com/index.php/Certificate), then
add these lines to your /etc/http/squirrelmail.conf file:
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R]

Then
# service httpd restart

madmac wrote:
Is there then a way to secure squirrelmail, or any other webmail
prog?
This is a default install of qmail with the ISO.
Not having it is not an option, as most of the clients can only use webmail as they are on the road daily.
Thanks
----- Original Message -----
From: Jake Vickers <mailto:j...@qmailtoaster.com>
To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, April 08, 2010 5:53 PM
Subject: Re: [qmailtoaster] spam

    On 04/08/2010 04:21 PM, madmac wrote:
    Well anyone that can guess my passwords must be amazing.
    Let alone get through the elaborate firewall system.
    ssh port is "non standard"
    But I agree, this box is compromised "some how"
    File count now at 9580 and counting


    Are all of the files that are "infected" from mailboxes?
    It does sound like your machine has been compromised. If you leave
    Squirrelmail open (ie: no protection against password attacks) or
    have other webapps running then this is the most likely place for
    them to get in. Once they have an account's login credentials, they
    can upload things to themselves and run them (don't ask me how - I
    never looked at how they did it - I just fixed it) and then brute
    force passwords from the local machine to obtain other access or
    whatever they are looking to do.
    I had one a year or so back where a guy installed phpbb - when he
    came in the next day someone had emailed him his root password. He
    reinstalled and put phpbb back on and had his machine compromised in
    about 2 hours after that.

--
-Eric 'shubes'



------------------------------------------------------------------------
---------
Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them
today!
------------------------------------------------------------------------
---------
Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com










--
-Eric 'shubes'
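
The self-signing command quoted from the wiki in this thread, placed in the full key, request, certificate sequence with checks on the result. This is an added example, not part of any list member's message or of the wiki; file names follow the quoted command, while the 2048-bit key size, the host name mail.example.test and the function names are assumptions.

```shell
#!/bin/sh
# Added example. File names follow the wiki command quoted in the thread;
# the key size, host name and function names are assumptions.

# Key -> signing request -> self-signed certificate, all written into $1.
make_self_signed() {
    dir=$1; cn=$2
    # Private key, created with owner-only permissions.
    ( umask 077; openssl genrsa -out "$dir/servercert.key" 2048 2>/dev/null ) || return 1
    # The CN should be the host name clients will type into the browser.
    openssl req -new -key "$dir/servercert.key" -subj "/CN=$cn" \
        -out "$dir/servercert.csr" 2>/dev/null || return 1
    # The command quoted from the wiki: sign the request with its own key.
    openssl x509 -req -days 365 -in "$dir/servercert.csr" \
        -signkey "$dir/servercert.key" -out "$dir/servercert.crt" 2>/dev/null
}

# True only when the certificate carries the public half of this private key.
# Pointing Apache at a key and certificate that do not pair is a classic
# cause of SSL start-up failures.
key_matches_cert() {
    k=$(openssl rsa -in "$1" -noout -modulus 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -noout -modulus 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# True when issuer and subject are the same name, i.e. no CA signed it,
# so browsers will warn until the certificate is trusted by hand.
is_self_signed() {
    s=$(openssl x509 -in "$1" -noout -subject_hash 2>/dev/null) || return 1
    i=$(openssl x509 -in "$1" -noout -issuer_hash 2>/dev/null) || return 1
    [ -n "$s" ] && [ "$s" = "$i" ]
}

# True when the certificate stays valid for at least $2 more days.
valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Demo in a throwaway directory.
demo=$(mktemp -d)
if make_self_signed "$demo" mail.example.test &&
   key_matches_cert "$demo/servercert.key" "$demo/servercert.crt" &&
   is_self_signed "$demo/servercert.crt" &&
   valid_for_days "$demo/servercert.crt" 300; then
    echo "self-signed certificate is consistent and ready to install"
fi
rm -rf "$demo"
```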

