Re: Mail server for local lan
Harry Putnam, 2002-Mar-15 14:49 -0800:
> 1) What daeman do I need to have running (pop3d Imapd...). I intend
> to have other household machines retreive via pop3 from this
> server.
I suggest imapd, so you'd have the option to retain mail on this
system and view either with a webmail package or imap email
client.
> 2) Do other machine users really have to have accounts on debian box?
> or just a mailbox at /var/mail?
I don't believe full-blown accounts are necessary, but someone
else will need to answer this one.
> 3) If I have a daemon running, is it possible to setup so that it only
> runs when a machine connects.
You might be able to set up inetd to handle this service, but I
don't know for sure.
> 4) How can I bar any machines that are not 192.xxx.xxx from the
> 143/110 port.
You can either use /etc/hosts.allow and /etc/hosts.deny or setup
ipchains/iptables to do this. Since you already have a firewall,
the hosts files are probably the better solution.
> 5) what do I have to tell exim in order for it to know to send the
> other machines outgoing mail to my isp smart_host.
I don't use exim, so I don't know the specific config parameters,
but you'll make the server a relay host for the local network and
set it's smarthost to your isp smart_host.
> 6) can all this be made invisible to the internet, so that a scan will
> not show 143/110 as running or open?
As you state below, the firewall will stop the scans at the
external interface, unless of course you are doing
port-forwarding.
I don't know that there is a way to hide a service port. The
only thing I know of is to secure the listening port by limiting
access to it to known hosts/networks/domains/etc., and making
sure the service application is not vulnerable due to bugs or
poor architecture.
> I am behind a hardware firewall already (Netgear FR314) which I think
> will hide the open ports from the internet. but still want
> to make all precautions. And know how to setup so that only my network
> machines get access.
--
Jeff Coppock Systems Engineer
Diggin' Debian Admin and User
Reply to: