Resources to bolster [anti-hijack] security? [postfix/general]

Discussion in 'Server Operation' started by FactionOne, Aug 21, 2015.

  1. FactionOne

    FactionOne Member

    Hi All,

    I'm new to ISPConfig, and so far I've found it to be excellent. At the moment, my set-up is quite small scale - initially replacing hosting I was renting for lightweight email forwarding, holding [www] pages, and other little bits & pieces for a handful of domains. I read a couple of HOWTOs (one a Perfect [Debian] Server, another about multi-site setup for a 2nd authoritative nameserver), and I've now got a couple of [don't laugh!] Raspberry Pis working a couple of domains nicely. [I've got a Xeon box I'll add to the pool once workload grows!]

    I'm quite concerned about being a 'good neighbour', and ensuring as far as I can that my server(s) aren't hijacked for malicious purposes. The websites I'll host will for the most part only be administrated by me (and maybe one or two trusted others). There will be very few mailboxes, and I'll configure the clients which will access them; so I'm not too worried by increased security adding a configuration step or two.

    I've done quite a lot of reading about postfix, including lots of guides covering tweaks for things like more strict protocol & dns validation and checking against blacklists, but it seems a lot of this is about preventing spam being delivered to my user mailboxes. If anything I'm more concerned by preventing unauthorised outbound mail being sent; so I was wondering if anyone has links which are recommended reading for this aim?

    It also occurred to me that additional security on smtp could be rendered effectively useless if I have a 'gaping hole' somewhere else; so if there's any good general (for 'all' services) anti-hijack reading you can recommend, I'd be grateful for those links too. [I hasten to add that I have got as far as good strong passwords! :) ]

    Thanks and regards,


Share This Page