firewalls and webservers request for comments
Frank Wiles
frank at wiles.org
Thu Oct 7 17:12:47 CDT 2004
On Thu, 7 Oct 2004 17:05:45 -0500
"aaron hirsch" <aaronh at uptime.net> wrote:
> Why tell anyone here are the ports you will need to have open when all
> they have specified is services? Wouldn't it have been better to ask
> IF they wanted pop3/pop3s/imap/imaps before telling them to open xyz
> ports? I'm not trying to be a dick, but get the facts before telling
> someone to open xyz ports. Why should they open pop3 to the world if
> they are going to use imap, or vice-versa; heck why open them to the
> world at all if they are going to use webmail and imap and pop3 access
> are only required from the webserver? I've set up many mail servers
> where the only service available to the world is smtp, port 25, and
> http/https. Why open the door further than it needs to be?
I wasn't trying to give him advice on how to run his E-mail setup.
The listing of the ports was just an example to help illustrate why
running a firewall in front of an E-mail server is typically
pointless.
I apologize if that wasn't clear.
---------------------------------
Frank Wiles <frank at wiles.org>
http://www.wiles.org
---------------------------------
More information about the Kclug
mailing list