thoughts on running an IMAP-over-SSL server exposed to the Internet?
florin at andrei.myip.org
Thu Mar 26 19:59:07 EDT 2009
I want to read my email on the iPhone. To do that, I have 2 options:
#1 is a bit convoluted, I already run a VPN server, with OpenVPN, but
the iPhone doesn't have an OpenVPN client. Running *two* VPN networks
seems excessive for a small personal server - not that the machine
cannot handle it, but it just feels too complicated for the task at hand.
#2 would be easy to implement, just poke a hole in the firewall for the
imaps port. But then there's the issue of security, of course.
I am running cyrus-imapd-2.3.7 on CentOS 5.x
How comfortable y'all are with exposing Cyrus IMAPd's imaps port to the
big wild Internet?
Do you see the SELinux confinement as a must-have in this context, or
are you okay with running it without any such MAC protections?
More information about the Info-cyrus