i imported virtual users and domains (mysql, squirrelmail, postfix, courier, etc debian lenny) image into vmware 2.0 server, and i need to secure everything with new passwords. what else do i need to change from the default 'howtoforge' passwords, etc? ive updated root and administrator user passwords. are there any other users with default passwords? there are 6 users in mysql. can any be removed? when i change the mysql root password, will this break postfix/courier since they required passwords during the install? i couldnt find an existing post for this, but thanks in advance!
i changed mysql root password and nothing seems to be impacted--hooray! is there any postfix/courier risk in leaving the mail_admin password as mail_admin_password? i added directives to phpmyadmin to "Allow only from" my subnets, so mail_admin cannot accidently login there. but, could this user login some other way? (maybe for another post) my ultimate goal is to allow only encrypted pop3, imap and smtp. how can i secure this server? i tried securing smtp (http://www.howtoforge.com/postfix-smtp-authentication-on-the-secure-port-only) with no luck. the only difference--i left smtpd.conf alone. it seemed, to me, like it would need the sql_* configuration lines, but it didnt work with or without them. /etc/postfix/sasl/smtpd.conf: Code: pwcheck_method: saslauthd mech_list: plain login allow_plaintext: true auxprop_plugin: mysql sql_hostnames: 127.0.0.1 sql_user: mail_admin sql_passwd: mail_admin_password sql_database: mail sql_select: select password from users where email = '%u' "postfix reload" erred on the following line in master.cf: Code: -o smtpd_sasl_auth_enable=yes thanks in advance!
will i need to modify the mail_admin_password in the 6 .cf files created for postfix? also, do you have any insight as to why (with iptables -P INPUT ACCEPT) outlook (or any mail client) will only work with unencrypted settings? i'd like to use tls so email is encrypted. fail2ban--good idea. thanks!
