Re: Replacing my Scalix mail server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Robert Moskowitz wrote:
> 
> I have seen attacks and mitigations that often never make it out to the 
> public, or make it out after we have worked with the vendors for weeks 
> to get patches before the S* hits the fans. I am particularly paranoid 
> about what may be exposed on a gateway/firewall while waiting for that 
> all so important patch.
> 
> I don't like SME's laid back attitude to getting a 1st install patched, 
> for example. One 1st install, all services on the server MUST be blocked 
> until current updates are installed and configured, and only then opened.
> 
> So, no, your explaination does not make me feel more comfortable. But 
> then as indicated, I am a hard one to make comfortable....

I could have missed something, but I don't recall any services being 
open on the external nic until you configure them.  Are any?  If you 
have a 1-nic setup they probably assume that something else is handling 
the firewalling.

>> That's not particularly relevant - if you access from more than one 
>> location you might want to set up imaps access so all the messages are 
>> stored on the server and available through the hoard web interface if 
>> you aren't at you usual client(s).
> 
> I was at the IETF when IMAP was brought out of CMU and standardized, I 
> know the beast all too well.

Yeah, on R4 and you still can't count on a good notification mechanism, 
but it is usable.

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux