Re: [exim] Quick Question - Prohibiting users from sending e…

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Quick Question - Prohibiting users from sending email
L. Jason Godsey wrote:

*trim*

>>
>>Not 100% useful. MTA's *listen* (for other mx) on port 25. They
>>ordinarily *send* on random ports well above 1024.
>>
>
>
> It is trivial to block all outbound traffic destined for mail ports,


Yes. But one must (also/still) presume the attacker has not /
will not gain 'root' before your security gets your attention.

> then allow for certain local accounts.
>


Which may be easier to escalate to than 'root'.

Bottom line - secure the box with 'best current practice', keep
it MX/MSA-only, (pop/imap maybe), and hijacking of the MTA is
not likely to be a major concern.

Start adding shell accounts instead of sequestered 'virtual', it
gets harder.

Run Apache on the same box, for diverse users?
With PHP mod-everything, and such?
On Linux?

... well.

can you see your own ankles?

Fine!

... now bend over, grab 'em, pull hard, and 'kiss your server
goodbye'....

;-)

Bill