Re: Mail server for local lan

To: debian-user@lists.debian.org
Subject: Re: Mail server for local lan
From: Jeff <jcoppock1@attbi.com>
Date: Fri, 15 Mar 2002 17:01:24 -0800
Message-id: <[🔎] 20020316010124.GA13306@jc.oftheinter.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] m17kode9ad.fsf@reader.newsguy.com>
References: <[🔎] m17kode9ad.fsf@reader.newsguy.com>

Harry Putnam, 2002-Mar-15 14:49 -0800:
> 1) What daeman do I need to have running (pop3d Imapd...).  I intend
>    to have other household machines retreive via pop3 from this
>    server.

I suggest imapd, so you'd have the option to retain mail on this
system and view either with a webmail package or imap email
client.

> 2) Do other machine users really have to have accounts on debian box?
>    or just a mailbox at /var/mail?

I don't believe full-blown accounts are necessary, but someone
else will need to answer this one.

> 3) If I have a daemon running, is it possible to setup so that it only
>    runs when a machine connects.

You might be able to set up inetd to handle this service, but I
don't know for sure.

> 4) How can I bar any machines that are not 192.xxx.xxx from the
>    143/110 port.

You can either use /etc/hosts.allow and /etc/hosts.deny or setup
ipchains/iptables to do this.  Since you already have a firewall,
the hosts files are probably the better solution.

> 5) what do I have to tell exim in order for it to know to send the
>    other machines outgoing mail to my isp smart_host.

I don't use exim, so I don't know the specific config parameters,
but you'll make the server a relay host for the local network and
set it's smarthost to your isp smart_host.

> 6) can all this be made invisible to the internet, so that a scan will
>    not show 143/110 as running or open?

As you state below, the firewall will stop the scans at the
external interface, unless of course you are doing
port-forwarding.

I don't know that there is a way to hide a service port.  The
only thing I know of is to secure the listening port by limiting
access to it to known hosts/networks/domains/etc., and making
sure the service application is not vulnerable due to bugs or
poor architecture.

> I am behind a hardware firewall already (Netgear FR314) which I think
> will hide the open ports from the internet. but still want
> to make all precautions.  And know how to setup so that only my network
> machines get access.

-- 
Jeff Coppock		Systems Engineer
Diggin' Debian		Admin and User

Reply to:

Follow-Ups:
- Re: Mail server for local lan
  - From: Harry Putnam <reader@newsguy.com>

References:
- Mail server for local lan
  - From: Harry Putnam <reader@newsguy.com>

Prev by Date: Re: VERY OT: On Censorship.
Next by Date: Re: VERY OT: On Censorship.
Previous by thread: Re: Mail server for local lan
Next by thread: Re: Mail server for local lan
Index(es):
- Date
- Thread