Tweet
Common User expectation with Mail server hardening:
Following ways can help you achieve the same :
Make sure mail relaying is disabled. Set reverse dns for the server IP's, SPF record for the domains. If you're getting too many mails to non existing users, set catchall address to fail.
Make sure that you "Prevent nobody user to send mails" is Enabled from WHM -> Tweak Settings (Will help to prevent spam mail sent from your server)
Use SSL over secure ports will ensure that the connection is encrypted when the users password is sent and data is transferred.
Try to use Secure Email protocols and related ports
POP3S 995
IMAPS 993
SMTPS 465
Instead of Unsecure ports
POP3 110
IMAP 143
SMTP 25
Use available software patches like Exiscan for Scanning at SMTP for : Anti-virus Anti-spam File extension blocking Regular expression blocking
The MX problem : If you have more than one mail server, all will need identical protection.
Firewalls : It will also be necessary to allow connections to the servers through your firewall. Be sure you have a good firewall in place to only allow the required connections.
Don't allow hackers to learn which version of the web server software you are running by inducing an error and thus an automated server response. Attacks are often version specific. Spammers also trigger errors to find email addresses.
- Prevent mail users on the server from being inundated with spam, and/or be able to effectively manage any spam that does come through.
- Ensure that messages that my mail users send out remains as highly deliverable as possible.
- Make it difficult for third parties to exploit my mail server for their own spamming needs.
Following ways can help you achieve the same :
Make sure mail relaying is disabled. Set reverse dns for the server IP's, SPF record for the domains. If you're getting too many mails to non existing users, set catchall address to fail.
Make sure that you "Prevent nobody user to send mails" is Enabled from WHM -> Tweak Settings (Will help to prevent spam mail sent from your server)
Use SSL over secure ports will ensure that the connection is encrypted when the users password is sent and data is transferred.
Try to use Secure Email protocols and related ports
POP3S 995
IMAPS 993
SMTPS 465
Instead of Unsecure ports
POP3 110
IMAP 143
SMTP 25
Use available software patches like Exiscan for Scanning at SMTP for : Anti-virus Anti-spam File extension blocking Regular expression blocking
The MX problem : If you have more than one mail server, all will need identical protection.
Firewalls : It will also be necessary to allow connections to the servers through your firewall. Be sure you have a good firewall in place to only allow the required connections.
Don't allow hackers to learn which version of the web server software you are running by inducing an error and thus an automated server response. Attacks are often version specific. Spammers also trigger errors to find email addresses.