Re: [exim] Should I block exim port?

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: Tolun ARDAHANLI, exim-users
Subject: Re: [exim] Should I block exim port?


--On 16 March 2009 13:55:28 +0200 Tolun ARDAHANLI <tolun286@???>
wrote:

> Hi to everyone;
>
> I liked too musch exim as my MTA...
>
> But I have real problems, about spams... :-/
>
> I activated my spamassassin for exim. Many spams are blocked with this
> system however few of spams are not blocked. How can I solve this problem?
> My server's port for exim(587) is directly open to world wide.


Port 587 should only be used for encrypted, authenticated email 
submissions. See RFC 4409
    <http://www.apps.ietf.org/rfc/rfc4409.html>
Even for authenticated submissions, it may be useful to use spamassassin, 
etc, because it is fairly common to see users' accounts compromised by 
spammers.


Exim does not do IMAP, so we can't answer your IMAP questions here.
However, your IMAP software should also require users to authenticate, and
should require encryption before authentication.



> Should I close it? or how can I secure it for blocking all spam mails. I

have one
> more opened port also which is may not releated with this mail list but it
> is closely the same issue.


If that's port 25, and this server is your MX server, then it has to be
open. Otherwise nobody can send email to your users. You need to employ a
range of anti-spam techniques. Many are described in the Exim documentation.

> The other port is for imap(143), should I also
> block it or how can I secure it. I thing that my questions are closely the
> same "securing the mail server"...<;-)
>
> Any help any suggestions will be glad...
>
> sincerely... Have a nice life with opensource...
>
> --
> Tolun ARDAHANLI
> Bilgisayar Muhendisi
> E-posta:tolun.ardahanli@???<E-posta%3Atolun.ardahanli@???.
> tr> Icq:326600
>
> -------------------------------------------------------------------------
> ---
>
> Tolun ARDAHANLI
> Computer Engineer
> E-mail:tolun.ardahanli@???
> <E-mail%3Atolun.ardahanli@???> Icq:326600




--
Ian Eiloart
IT Services, University of Sussex
x3148