For starters, forget your idea about switching the port from 25. That's not going to work and if it did work, it wouldn't increase security. The people looking to exploit services are scanning
ALL your ports and noting what services are listening on each.
Here's what you ought to do. Install Postfix via RPM. Install courier-imap via RPM. Install Squirrelmail by downloading it from
http://www.squirrelmail.org and unzip it into your html directory. If you've got webmin installed, you can easily modify the postfix config to work for your domain. As for security, the only thing you don't want to allow is relaying for hosts outside your subnet. This is disabled by default.
Squirrelmail will give you and your pals a web-based email interface like what you've got with hotmail, etc... but without advertising or limits on mail box storage. Plus you can hook up spamassassin as well.
good luck,
di11rod