Florin Andrei
2009-Aug-10 06:55 UTC
[Dovecot] how secure is Dovecot when exposed to the Internet?
$ dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-11-server x86_64 Ubuntu 9.04 protocols: imap imaps managesieve I need to make an IMAP (actually imaps) server available over the Internet. Unfortunately, VPN is not available (not all clients support VPN), so I will have to expose the imaps port to the Internet. My question is: how reliable is Dovecot in such a setup? I am not talking about encryption (protecting the traffic between server and client). I am talking about having the daemon exposed to anything coming in from the Internet, buffer overflows and stuff like that. What's the security history of this software in situations like this? -- Florin Andrei http://florin.myip.org/
Timo Sirainen
2009-Aug-10 07:00 UTC
[Dovecot] how secure is Dovecot when exposed to the Internet?
On Aug 10, 2009, at 2:55 AM, Florin Andrei wrote:> My question is: how reliable is Dovecot in such a setup? I am not > talking about encryption (protecting the traffic between server and > client). I am talking about having the daemon exposed to anything > coming in from the Internet, buffer overflows and stuff like that. > > What's the security history of this software in situations like this?http://dovecot.org/security.html
Apparently Analagous Threads
- require SSL certs only for encrypted connections?
- sieve not working with Postfix and maildir
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages