On 12 Feb 2010 at 9:18, Spyros Tsiolis wrote: > > Why do you port-forward pop110 to the outside world anyway ? >
Because I'd never thought about it, and it has always been open from before I used xmail. Even smtps, ssh etc aren't as open, ie just from selected ip blocks that are likely to be used. I've only just noticed volume of attacks increased, eg. over past 20 weeks: 0,3,0,0,0,416,0,168,3,0,0,1225,127,0,132,3,3694,557,5049 > If you have clients outside, why not use VPNs for this ? I'll setup a vpn when I swap out the two old firewalls but it's not worth hassle at moment. > AFAIK, port-forwarding pop3 to the outside world is not advisable. No more than running an ftp server. Problem isn't so much the security issues, it's load on server during such attacks. Having a secure connection doesn't prevent the connection attempts although it will possibly reduce the load. Accepting connections and delaying responses seems to be best compromise. > Maybe Secure POP3 ? Yep, I've had smtps in use for many years and no reason not to use pop3s. cheers David _______________________________________________ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail