Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I am working on a mail server in Red Hat/CentOS.
I want to know how to secure my mail server for heavy loading, any monitoring tools in GUI or console, and whether there is any essential tool which is used in, like, an MNC for a mail server.
I know a few commands like top, netstat, etc. through Google, but I am willing to know some more.
Well corp, I am talking about checking all activities in the mail server, starting from the client accessing the mail server to the load on the server, everything that a mail server has...
If you're wanting an already configured email server (and your distro is part of the RHEL family)
I use iRedMail myself and never had any problems, it even stops relaying from unknown hosts.
I mean I was attempting to allow XAMPP on my working computer as such, all I do on it is use it for local dev work, it even blocked that from using its SMTP service, using Postfix (which I use all the time now).
Like it says in that guide from that link on howtoforge, it won't be perfect but it does set up the DKIM for you, which is really good, and I have never had much backscatter (probably, all being fair, once in 3 months of my last system upgrade), it's really superb!
Though I don't like the new iRedAdmin web interface for adding in users, as all the email users are stored in a database, either LDAP or MySQL (can't remember if it allows for PostgreSQL, but from what I remember it might do), here is the link anyhow:
I mean with the Perl Policy for backscatter, I get its principles, works out where the email is being forged from (the network it originates from, as mine's somedomain.co.uk (just as an example), but since I am a DHCP server to my ISP it's actually Virgin's email network), it sends it from their SMTP address if the recipient is from another domain.
But if the mail address is being forged to mine and it originates from mine, comes back (the backscatter part), whereas the email is actually coming from a separate network to the forged email address and comes back as non-delivered, then it rejects it from my network.
Also coupled with the new router OS I have installed I really think I have a very secure network, was looking at artists lyric sites for some stuff just out of interest and nothing came back with any spy/malware, it's really very good.
I use Snort, which seems to stop a lot of my annoying spam too, since I have enabled the relevant rules for this too, worth trying to see if you can use Snort with your existing setup!
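The backscatter idea from the post above (a bounce for mail that never passed through your own server gets rejected), as an added example that is not part of the original post and is not the Perl policy or iRedMail code it mentions. The MTA name `mail.somedomain.co.uk`, the function names and the sample bounces are constructed assumptions.

```python
import email
import re
from email import policy

OUR_MTA = "mail.somedomain.co.uk"  # assumed: the name our MTA writes in Received headers

def original_headers(bounce):
    """Return the original message (or its headers) embedded in a DSN, else None."""
    if bounce.get_content_type() != "multipart/report":
        return None
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify(raw, our_mta=OUR_MTA):
    """Return 'not-a-bounce', 'genuine' (we relayed the original) or 'backscatter'."""
    original = original_headers(email.message_from_string(raw, policy=policy.default))
    if original is None:
        return "not-a-bounce"
    # Heuristic only: Received lines can be forged, so pair this with SPF/DKIM checks.
    stamp = re.compile(r"\bby\s+" + re.escape(our_mta) + r"(?![\w.-])", re.I)
    relayed = any(stamp.search(str(h)) for h in original.get_all("Received", []))
    return "genuine" if relayed else "backscatter"

def sample_bounce(received):
    """Constructed DSN whose embedded original carries the given Received header."""
    return (
        "Return-Path: <>\nFrom: MAILER-DAEMON@mx.example.net\n"
        "To: user@somedomain.co.uk\nSubject: Undelivered Mail Returned to Sender\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n\n'
        "--b1\nContent-Type: text/plain\n\nDelivery to nobody@example.net failed.\n\n"
        "--b1\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; mx.example.net\n\n"
        "Final-Recipient: rfc822; nobody@example.net\nAction: failed\nStatus: 5.1.1\n\n"
        "--b1\nContent-Type: text/rfc822-headers\n\n"
        f"Received: {received}\nFrom: user@somedomain.co.uk\n"
        "To: nobody@example.net\nSubject: hello\n\n--b1--\n"
    )

if __name__ == "__main__":
    ours = "from [192.0.2.10] by mail.somedomain.co.uk (Postfix) with ESMTP id 4A1B2"
    forged = "from [203.0.113.77] by relay.example.org with SMTP id 9Z8Y7"
    print(classify(sample_bounce(ours)))    # genuine
    print(classify(sample_bounce(forged)))  # backscatter
```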
Would you please elaborate on this concept? I thought Snort was an intrusion detection / packet sniffing application. If this is the same Snort, how do you integrate it into your mail system? This sounds intriguing.
Yes of course I can elaborate (excuse me if I don't make much sense though, haven't had any sleep and it's 5am in the morning here)
Yes you couldn't be more right, but on the elaboration of this, is that there's some rules for both SMTP and POP3 as well as phishing spam prevention.
I mean there's a router/firewall called pfSense I have installed on my old computer (used to run CentOS 4.8 on a while back), before I brought an old refurbished Dell DC7100 (just wanted to try and run CentOS 5.5 (before I upgraded to 5.6)).
I now run Snort with a number of categories enabled in the Snort config web page, then enable those rules for both my web applications and my mail server, I mean it's decreased the number of spamming emails I have been getting for some reason, whether it's coincidental or because of those rules I have enabled with Snort, I really don't know.
But it's worth giving it a go if you can?
But you do need quite a bit of system resources to allow for Snort to work, mine's not quite up to par to having all the rules enabled, but a certain selection on the no. of open ports seems to work quite well.